Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-5050
HistoryNov 13, 2008 - 2:30 a.m.

CVE-2008-5050

2008-11-1302:30:01
CWE-119
[email protected]
web.nvd.nist.gov
8

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

High

EPSS

0.054

Percentile

93.1%

JSON

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

Affected configurations

Nvd
Node
clam_anti-virusclamavRange0.94
OR
clam_anti-virusclamavMatch0.01
OR
clam_anti-virusclamavMatch0.02
OR
clam_anti-virusclamavMatch0.03
OR
clam_anti-virusclamavMatch0.04
OR
clam_anti-virusclamavMatch0.05
OR
clam_anti-virusclamavMatch0.06
OR
clam_anti-virusclamavMatch0.10
OR
clam_anti-virusclamavMatch0.11
OR
clam_anti-virusclamavMatch0.12
OR
clam_anti-virusclamavMatch0.13
OR
clam_anti-virusclamavMatch0.14
OR
clam_anti-virusclamavMatch0.14pre
OR
clam_anti-virusclamavMatch0.15
OR
clam_anti-virusclamavMatch0.20
OR
clam_anti-virusclamavMatch0.21
OR
clam_anti-virusclamavMatch0.22
OR
clam_anti-virusclamavMatch0.23
OR
clam_anti-virusclamavMatch0.24
OR
clam_anti-virusclamavMatch0.51
OR
clam_anti-virusclamavMatch0.52
OR
clam_anti-virusclamavMatch0.53
OR
clam_anti-virusclamavMatch0.54
OR
clam_anti-virusclamavMatch0.60
OR
clam_anti-virusclamavMatch0.60p
OR
clam_anti-virusclamavMatch0.65
OR
clam_anti-virusclamavMatch0.67
OR
clam_anti-virusclamavMatch0.68
OR
clam_anti-virusclamavMatch0.68.1
OR
clam_anti-virusclamavMatch0.70
OR
clam_anti-virusclamavMatch0.71
OR
clam_anti-virusclamavMatch0.72
OR
clam_anti-virusclamavMatch0.73
OR
clam_anti-virusclamavMatch0.74
OR
clam_anti-virusclamavMatch0.75
OR
clam_anti-virusclamavMatch0.75.1
OR
clam_anti-virusclamavMatch0.80
OR
clam_anti-virusclamavMatch0.80rc
OR
clam_anti-virusclamavMatch0.80rc2
OR
clam_anti-virusclamavMatch0.80rc3
OR
clam_anti-virusclamavMatch0.80rc4
OR
clam_anti-virusclamavMatch0.80_rc1
OR
clam_anti-virusclamavMatch0.80_rc2
OR
clam_anti-virusclamavMatch0.80_rc3
OR
clam_anti-virusclamavMatch0.80_rc4
OR
clam_anti-virusclamavMatch0.81
OR
clam_anti-virusclamavMatch0.81rc1
OR
clam_anti-virusclamavMatch0.81_rc1
OR
clam_anti-virusclamavMatch0.82
OR
clam_anti-virusclamavMatch0.83
OR
clam_anti-virusclamavMatch0.84
OR
clam_anti-virusclamavMatch0.84rc1
OR
clam_anti-virusclamavMatch0.84rc2
OR
clam_anti-virusclamavMatch0.84_rc1
OR
clam_anti-virusclamavMatch0.84_rc2
OR
clam_anti-virusclamavMatch0.85
OR
clam_anti-virusclamavMatch0.85.1
OR
clam_anti-virusclamavMatch0.86
OR
clam_anti-virusclamavMatch0.86rc1
OR
clam_anti-virusclamavMatch0.86.1
OR
clam_anti-virusclamavMatch0.86.2
OR
clam_anti-virusclamavMatch0.86_rc1
OR
clam_anti-virusclamavMatch0.87
OR
clam_anti-virusclamavMatch0.87.1
OR
clam_anti-virusclamavMatch0.88
OR
clam_anti-virusclamavMatch0.88.1
OR
clam_anti-virusclamavMatch0.88.2
OR
clam_anti-virusclamavMatch0.88.3
OR
clam_anti-virusclamavMatch0.88.4
OR
clam_anti-virusclamavMatch0.88.5
OR
clam_anti-virusclamavMatch0.88.6
OR
clam_anti-virusclamavMatch0.88.7
OR
clam_anti-virusclamavMatch0.88.7p0
OR
clam_anti-virusclamavMatch0.88.7p1
OR
clam_anti-virusclamavMatch0.90
OR
clam_anti-virusclamavMatch0.90.1
OR
clam_anti-virusclamavMatch0.90.1p0
OR
clam_anti-virusclamavMatch0.90.2
OR
clam_anti-virusclamavMatch0.90.2p0
OR
clam_anti-virusclamavMatch0.90.3
OR
clam_anti-virusclamavMatch0.90.3p0
OR
clam_anti-virusclamavMatch0.90.3p1
OR
clam_anti-virusclamavMatch0.90_rc1.1
OR
clam_anti-virusclamavMatch0.90_rc2
OR
clam_anti-virusclamavMatch0.90_rc3
OR
clam_anti-virusclamavMatch0.90rc1
OR
clam_anti-virusclamavMatch0.91
OR
clam_anti-virusclamavMatch0.91.1
OR
clam_anti-virusclamavMatch0.91.2
OR
clam_anti-virusclamavMatch0.91.2p0
OR
clam_anti-virusclamavMatch0.91rc1
OR
clam_anti-virusclamavMatch0.91rc2
OR
clam_anti-virusclamavMatch0.92
OR
clam_anti-virusclamavMatch0.92p0
OR
clam_anti-virusclamavMatch0.92.1
OR
clam_anti-virusclamavMatch0.93
OR
clam_anti-virusclamavMatch0.93.1
OR
clam_anti-virusclamavMatch0.93.2
OR
clam_anti-virusclamavMatch0.93.3
VendorProductVersionCPE
clam_anti-virusclamav*cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
clam_anti-virusclamav0.01cpe:2.3:a:clam_anti-virus:clamav:0.01:*:*:*:*:*:*:*
clam_anti-virusclamav0.02cpe:2.3:a:clam_anti-virus:clamav:0.02:*:*:*:*:*:*:*
clam_anti-virusclamav0.03cpe:2.3:a:clam_anti-virus:clamav:0.03:*:*:*:*:*:*:*
clam_anti-virusclamav0.04cpe:2.3:a:clam_anti-virus:clamav:0.04:*:*:*:*:*:*:*
clam_anti-virusclamav0.05cpe:2.3:a:clam_anti-virus:clamav:0.05:*:*:*:*:*:*:*
clam_anti-virusclamav0.06cpe:2.3:a:clam_anti-virus:clamav:0.06:*:*:*:*:*:*:*
clam_anti-virusclamav0.10cpe:2.3:a:clam_anti-virus:clamav:0.10:*:*:*:*:*:*:*
clam_anti-virusclamav0.11cpe:2.3:a:clam_anti-virus:clamav:0.11:*:*:*:*:*:*:*
clam_anti-virusclamav0.12cpe:2.3:a:clam_anti-virus:clamav:0.12:*:*:*:*:*:*:*
Rows per page:
1-10 of 991

References

Related

debiancve 1
openvas 22
nessus 15
prion 1
cve 1
freebsd 1
ubuntucve 1
redhatcve 1
ubuntu 1
cvelist 1
debian 3
osv 1
gentoo 1
fedora 2
debiancve
debiancve
CVE-2008-5050
2008-11-13 02:30:01
openvas
openvas
ClamAV < 0.94.1 get_unicode_name() Off-By-One Heap based BOF Vulnerability
2008-11-26 00:00:00
Ubuntu: Security Advisory (USN-672-1)
2009-03-23 00:00:00
SLES9: Security update for ClamAV
2009-10-10 00:00:00
nessus
nessus
Ubuntu 8.10 : clamav vulnerability (USN-672-1)
2009-04-23 00:00:00
SuSE9 Security Update : ClamAV (YOU Patch Number 12292)
2009-09-24 00:00:00
SuSE9 Security Update : clamav (YOU Patch Number 12293)
2012-04-23 00:00:00
prion
prion
Heap overflow
2008-11-13 02:30:00
cve
cve
CVE-2008-5050
2008-11-13 02:30:01
freebsd
freebsd
clamav -- off-by-one heap overflow in VBA project parser
2008-11-08 00:00:00
ubuntucve
ubuntucve
CVE-2008-5050
2008-11-13 00:00:00
redhatcve
redhatcve
CVE-2008-5050
2019-10-04 20:42:46
ubuntu
ubuntu
ClamAV vulnerability
2008-11-17 00:00:00
cvelist
cvelist
CVE-2008-5050
2008-11-13 01:00:00
debian
debian
[Backports-security-announce] Security Update for clamav
2008-12-15 12:36:28
[Backports-security-announce] Security Update for clamav
2008-12-15 13:31:51
[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
2008-12-04 08:26:17
osv
osv
clamav - potential code execution
2008-12-04 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2008-12-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: clamav-0.93.3-2.fc9
2008-11-14 12:44:50
[SECURITY] Fedora 8 Update: clamav-0.92.1-4.fc8
2008-11-14 12:46:28

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

High

EPSS

0.054

Percentile

93.1%

JSON
Related for NVD:CVE-2008-5050
debiancve1openvas22nessus15prion1cve1freebsd1ubuntucve1redhatcve1ubuntu1cvelist1debian3osv1gentoo1fedora2