CVE-2008-5542

Name of the Vulnerable Software and Affected Versions Sunbelt VIPRE versions 3.1.1633.1 through 3.1.1832.2

Description The issue allows remote attackers to bypass malware detection in HTML documents by modifying the file header and extension. This can be achieved by placing an MZ header at the beginning of the file and changing the filename to have no extension, a .txt extension, or a .jpg extension. This technique can be used to bypass detection of exploits, such as the one demonstrated for a specific vulnerability.

Recommendations For Sunbelt VIPRE version 3.1.1633.1, update to a version that is not affected by this issue. For Sunbelt VIPRE version 3.1.1832.2, update to a version that is not affected by this issue. As a temporary workaround, consider restricting the processing of files with modified headers and extensions to minimize the risk of exploitation.