Lucene search

[email protected]CVE-2008-5747

HistoryDec 29, 2008 - 3:24 p.m.

CVE-2008-5747

2008-12-2915:24:23

CWE-399

[email protected]

web.nvd.nist.gov

cve-2008-5747

f-prot

gnu/linux

remote attackers

anti-virus protection

elf program

corrupted header

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON

F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a “corrupted” header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor.

Affected configurations

NVD

Node

f-protf-prot_antivirusMatch4.6.8linux

CPENameOperatorVersion
f-prot:f-prot_antivirusf-prot f-prot antiviruseq4.6.8

CPE	Name	Operator	Version
f-prot:f-prot_antivirus	f-prot f-prot antivirus	eq	4.6.8

References

secunia.com/advisories/34700

security.gentoo.org/glsa/glsa-200904-14.xml

securityreason.com/securityalert/4822

www.ivizsecurity.com/security-advisory-iviz-sr-08016.html

www.securityfocus.com/archive/1/499083

www.securityfocus.com/archive/1/499305/100/0/threaded

www.securityfocus.com/archive/1/499501/100/0/threaded

www.securityfocus.com/bid/32753

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for CVE-2008-5747

openvas4 nvd1 prion1 cvelist1 nessus1 gentoo1