Details of VAR-200812-0476

ID

VAR-200812-0476

CVE

CVE-2008-5540

TITLE

Secure Computing Secure Web Gateway In HTML Vulnerabilities that prevent detection of malware in documents

Trust: 0.8

sources: JVNDB: JVNDB-2008-006544

DESCRIPTION

Secure Computing Secure Web Gateway (aka Webwasher), when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. This vulnerability CVE-2006-5745 Can be reproduced with documents included in the exploit.First by a third party MZ By arranging the header and changing the file name to the following name, HTML May prevent detection of malware in the document. (1) No extension (2) .txt extension (3) .jpg extension. Webwasher) allows remote attackers by placing an MZ header (i.e. An example of exploiting this vulnerability is a document that contains an exploit for CVE-2006-5745

Trust: 1.98

sources: NVD: CVE-2008-5540 // JVNDB: JVNDB-2008-006544 // BID: 84676 // VULHUB: VHN-35665

AFFECTED PRODUCTS

vendor:	secure computing	model:	web gateway	scope:	eq	version:	*	Trust: 1.0
vendor:	secure computing	model:	webwasher	scope:	eq	version:	*	Trust: 1.0
vendor:	securecomputing	model:	secure web gateway	scope:	-	version:	-	Trust: 0.8
vendor:	securecomputing	model:	webwasher	scope:	-	version:	-	Trust: 0.8
vendor:	secure computing	model:	web gateway	scope:	-	version:	-	Trust: 0.6
vendor:	secure computing	model:	webwasher	scope:	-	version:	-	Trust: 0.6
vendor:	secure	model:	computing webwasher	scope:	eq	version:	0	Trust: 0.3
vendor:	secure	model:	computing secure web gateway	scope:	eq	version:	0	Trust: 0.3

sources: BID: 84676 // JVNDB: JVNDB-2008-006544 // CNNVD: CNNVD-200812-226 // NVD: CVE-2008-5540

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-5540
value:	HIGH
Trust: 1.0
NVD:	CVE-2008-5540
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200812-226
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-35665
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2008-5540
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-35665
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-35665 // JVNDB: JVNDB-2008-006544 // CNNVD: CNNVD-200812-226 // NVD: CVE-2008-5540

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-35665 // JVNDB: JVNDB-2008-006544 // NVD: CVE-2008-5540

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200812-226

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200812-226

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-006544

PATCH

title:

Top Page

url:

http://www.securecomputing.com/

Trust: 0.8

sources: JVNDB: JVNDB-2008-006544

EXTERNAL IDS

db:	NVD	id:	CVE-2008-5540	Trust: 2.8
db:	SREASON	id:	4723	Trust: 2.0
db:	XF	id:	47435	Trust: 0.9
db:	JVNDB	id:	JVNDB-2008-006544	Trust: 0.8
db:	BUGTRAQ	id:	20081209 MULTIPLE VENDOR ANTI-VIRUS SOFTWARE MALICIOUS WEBPAGE DETECTION BYPASS -UPDATE-	Trust: 0.6
db:	BUGTRAQ	id:	20081208 MULTIPLE VENDOR ANTI-VIRUS SOFTWARE MALICIOUS WEBPAGE DETECTION BYPASS	Trust: 0.6
db:	CNNVD	id:	CNNVD-200812-226	Trust: 0.6
db:	BID	id:	84676	Trust: 0.4
db:	VULHUB	id:	VHN-35665	Trust: 0.1

sources: VULHUB: VHN-35665 // BID: 84676 // JVNDB: JVNDB-2008-006544 // CNNVD: CNNVD-200812-226 // NVD: CVE-2008-5540

REFERENCES

url:	http://securityreason.com/securityalert/4723	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/498995/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/499043/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/47435	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/47435	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/499043/100/0/threaded	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/498995/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5540	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5540	Trust: 0.8

sources: VULHUB: VHN-35665 // BID: 84676 // JVNDB: JVNDB-2008-006544 // CNNVD: CNNVD-200812-226 // NVD: CVE-2008-5540

CREDITS

Unknown

Trust: 0.3

sources: BID: 84676

SOURCES

db:	VULHUB	id:	VHN-35665
db:	BID	id:	84676
db:	JVNDB	id:	JVNDB-2008-006544
db:	CNNVD	id:	CNNVD-200812-226
db:	NVD	id:	CVE-2008-5540

LAST UPDATE DATE

2025-04-10T22:56:48.118000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-35665	date:	2018-10-11T00:00:00
db:	BID	id:	84676	date:	2008-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2008-006544	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200812-226	date:	2009-01-29T00:00:00
db:	NVD	id:	CVE-2008-5540	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-35665	date:	2008-12-12T00:00:00
db:	BID	id:	84676	date:	2008-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2008-006544	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200812-226	date:	2008-12-12T00:00:00
db:	NVD	id:	CVE-2008-5540	date:	2008-12-12T18:30:03.063