BitDefender Internet Security 2009文件名跨站脚本漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1183538 漏洞类型 跨站脚本
发布时间 2009-02-26 更新时间 2009-03-17
CVE编号 CVE-2009-0850 CNNVD-ID CNNVD-200903-178
漏洞平台 N/A CVSS评分 4.3
|漏洞来源
https://www.securityfocus.com/bid/33921
https://cxsecurity.com/issue/WLB-2009020059
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200903-178
|漏洞详情
BitDefenderInternetSecurity是可提供多种防护功能的安全软件。在扫描文件时BitDefenderInternetSecurity使用flash显示文件名。如果用户准备了包含有恶意脚本的畸形的rar或zip压缩文档,则当杀毒软件扫描到该文件时就会执行脚本。
|漏洞EXP
 Application: BitDefender Internet Security 2009
 OS: Windows Xp (All patches a day)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description

BitDefender Internet Security is a security software
that includes multiples protections, for example (anti spam, anti spyware,etc).

------------------------------------------------------
Vulnerability

The vulnerability is caused because when you scans a file, 
the antivirus used a flash for display the name of file,
with this you can make a malformed rar or zip that containing a script.
and when the av scans the file, run the script.

------------------------------------------------------
POC/EXPLOIT

The poc is the video because for make the poc you need a virus file.

the xss is this

<h1 id="header" onmousemove="alert(1)" test </h1>

http://video.google.com/videoplay?docid=-8346357281340486654

------------------------------------------------------
Juan Pablo Lopez Yacubian
|受影响的产品
BitDefender Internet Security 2009 0
|参考资料

来源:VUPEN
名称:ADV-2009-0557
链接:http://www.vupen.com/english/advisories/2009/0557
来源:BID
名称:33921
链接:http://www.securityfocus.com/bid/33921
来源:BUGTRAQ
名称:20090227Re:BitDefenderInternetSecurityXSS
链接:http://www.securityfocus.com/archive/1/archive/1/501299/100/0/threaded
来源:BUGTRAQ
名称:20090226BitDefenderInternetSecurityXSS
链接:http://www.securityfocus.com/archive/1/archive/1/501277/100/0/threaded
来源:SECUNIA
名称:34082
链接:http://secunia.com/advisories/34082