Lucene search

[email protected]NVD:CVE-2008-5314

HistoryDec 03, 2008 - 5:30 p.m.

CVE-2008-5314

2008-12-0317:30:00

CWE-399

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.151 Low

EPSS

Percentile

95.9%

JSON

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

Affected configurations

NVD

Node

clam_anti-virusclamavRange≤0.94.1

clam_anti-virusclamavMatch0.70

clam_anti-virusclamavMatch0.71

clam_anti-virusclamavMatch0.72

clam_anti-virusclamavMatch0.73

clam_anti-virusclamavMatch0.74

clam_anti-virusclamavMatch0.75

clam_anti-virusclamavMatch0.75.1

clam_anti-virusclamavMatch0.80

clam_anti-virusclamavMatch0.80rc

clam_anti-virusclamavMatch0.80rc2

clam_anti-virusclamavMatch0.80rc3

clam_anti-virusclamavMatch0.80rc4

clam_anti-virusclamavMatch0.81

clam_anti-virusclamavMatch0.81rc1

clam_anti-virusclamavMatch0.82

clam_anti-virusclamavMatch0.83

clam_anti-virusclamavMatch0.84

clam_anti-virusclamavMatch0.84rc1

clam_anti-virusclamavMatch0.84rc2

clam_anti-virusclamavMatch0.85

clam_anti-virusclamavMatch0.85.1

clam_anti-virusclamavMatch0.86

clam_anti-virusclamavMatch0.86rc1

clam_anti-virusclamavMatch0.86.1

clam_anti-virusclamavMatch0.86.2

clam_anti-virusclamavMatch0.87

clam_anti-virusclamavMatch0.87.1

clam_anti-virusclamavMatch0.88

clam_anti-virusclamavMatch0.88.1

clam_anti-virusclamavMatch0.88.2

clam_anti-virusclamavMatch0.88.3

clam_anti-virusclamavMatch0.88.4

clam_anti-virusclamavMatch0.88.5

clam_anti-virusclamavMatch0.88.6

clam_anti-virusclamavMatch0.88.7

clam_anti-virusclamavMatch0.90

clam_anti-virusclamavMatch0.90.1

clam_anti-virusclamavMatch0.90.2

clam_anti-virusclamavMatch0.90.3

clam_anti-virusclamavMatch0.91

clam_anti-virusclamavMatch0.91.1

clam_anti-virusclamavMatch0.91.2

clam_anti-virusclamavMatch0.92

clam_anti-virusclamavMatch0.92.1

clam_anti-virusclamavMatch0.93

clam_anti-virusclamavMatch0.93.1

clam_anti-virusclamavMatch0.93.3

clam_anti-virusclamavMatch0.94

References

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

lurker.clamav.net/message/20081126.150241.55b1e092.en.html

osvdb.org/50363

secunia.com/advisories/32926

secunia.com/advisories/32936

secunia.com/advisories/33016

secunia.com/advisories/33195

secunia.com/advisories/33317

secunia.com/advisories/33937

security.gentoo.org/glsa/glsa-200812-21.xml

sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134

support.apple.com/kb/HT3438

www.debian.org/security/2008/dsa-1680

www.mandriva.com/security/advisories?name=MDVSA-2008:239

www.openwall.com/lists/oss-security/2008/12/01/8

www.securityfocus.com/bid/32555

www.securitytracker.com/id?1021296

www.ubuntu.com/usn/usn-684-1

www.vupen.com/english/advisories/2008/3311

www.vupen.com/english/advisories/2009/0422

exchange.xforce.ibmcloud.com/vulnerabilities/46985

www.exploit-db.com/exploits/7330

wwws.clamav.net/bugzilla/show_bug.cgi?id=1266

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.151 Low

EPSS

Percentile

95.9%

JSON

Related for NVD:CVE-2008-5314

nessus10 openvas16 debiancve1 ubuntucve1 ubuntu1 checkpoint_advisories1 cvelist1 cve1 prion1 debian3 osv1 gentoo1