Unrated severityNVD Advisory· Published Dec 12, 2008· Updated Apr 23, 2026

CVE-2008-5520

Description

AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Affected products

Ahnlab/V3 Internet Security2 versions
cpe:2.3:a:ahnlab:v3_internet_security:2008.12.4.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ahnlab:v3_internet_security:2008.12.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ahnlab:v3_internet_security:2008.9.13.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityreason.com/securityalert/4723nvd
www.securityfocus.com/archive/1/498995/100/0/threadednvd
www.securityfocus.com/archive/1/499043/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/47435nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000