1. CVE-Search
  2. CVE-2008-3215
ID CVE-2008-3215
Summary libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
References
Vulnerable Configurations
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p1:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.1:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.1:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.2:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.2:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p1:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.91.2:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.91.2:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.92:p0:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.92:p0:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-08-2017 - 01:31)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
apple APPLE-SA-2008-09-15
cert TA08-260A
confirm
fedora
  • FEDORA-2008-6338
  • FEDORA-2008-6422
gentoo GLSA-200808-07
mandriva MDVSA-2008:166
mlist
  • [oss-security] 20080708 Re: CVE id request: Clamav
  • [oss-security] 20080715 Re: CVE id request: Clamav
secunia
  • 31091
  • 31437
  • 31882
suse SUSE-SR:2008:015
vupen ADV-2008-2584
xf clamav-petitec-dos(44200)
Last major update 08-08-2017 - 01:31
Published 18-07-2008 - 16:41
Last modified 08-08-2017 - 01:31
Back to Top