Lucene search

[email protected]CVE-2008-3447

HistoryAug 04, 2008 - 5:41 p.m.

CVE-2008-3447

2008-08-0417:41:00

CWE-399

[email protected]

web.nvd.nist.gov

f-prot

antivirus

denial of service

malformed zip archive

vulnerability

cve-2008-3447

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.149 Low

EPSS

Percentile

95.8%

JSON

The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.

Affected configurations

NVD

Node

f-protf-prot_antivirusMatch6.2.1.4252

f-protscanning_engineMatch4.4.4.56

CPENameOperatorVersion
f-prot:f-prot_antivirusf-prot f-prot antiviruseq6.2.1.4252
f-prot:scanning_enginef-prot scanning engineeq4.4.4.56

CPE	Name	Operator	Version
f-prot:f-prot_antivirus	f-prot f-prot antivirus	eq	6.2.1.4252
f-prot:scanning_engine	f-prot scanning engine	eq	4.4.4.56

References

seclists.org/fulldisclosure/2008/Jul/0569.html

secunia.com/advisories/31313

www.securityfocus.com/bid/30461

www.securitytracker.com/id?1020612

www.vupen.com/english/advisories/2008/2283

exchange.xforce.ibmcloud.com/vulnerabilities/44134

www.exploit-db.com/exploits/6174

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.149 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2008-3447

prion1 nvd1 cvelist1