CVE-2008-0308

Published: Feb 28, 2008Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Affected (13)

Products: Symantec: Scan Engine, Symantec Antivirus Clearswift, Symantec Antivirus Filtering Domino Mpe, Symantec Antivirus Messaging, Symantec Antivirus Microsoft Sharepoint, Symantec Antivirus Ms Isa, Symantec Antivirus Network Attached Storage, Symantec Antivirus Scan Engine, Symantec Antivirus Scan Engine Caching, Symantec Mail Security Exchange

Symantec

10 products

Scan Engine

Symantec Antivirus Clearswift

Symantec Antivirus Filtering Domino Mpe

Symantec Antivirus Messaging

Symantec Antivirus Microsoft Sharepoint

Symantec Antivirus Ms Isa

Symantec Antivirus Network Attached Storage

Symantec Antivirus Scan Engine

Symantec Antivirus Scan Engine Caching

Symantec Mail Security Exchange

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Symantec Scan Engine	Up to 5.1.4.24
Symantec Symantec Antivirus Clearswift	Up to 4.3.16.39
Symantec Symantec Antivirus Filtering Domino Mpe	Up to 3.0.12
Symantec Symantec Antivirus Filtering Domino Mpe	Up to 3.0.12
Symantec Symantec Antivirus Filtering Domino Mpe	Up to 3.0.12
Symantec Symantec Antivirus Messaging	Up to 4.3.16.39
Symantec Symantec Antivirus Microsoft Sharepoint	Up to 4.3.16.39
Symantec Symantec Antivirus Ms Isa	Up to 4.3.16.39
Symantec Symantec Antivirus Network Attached Storage	Up to 4.3.16.39
Symantec Symantec Antivirus Scan Engine	Up to 4.3.16.39
Symantec Symantec Antivirus Scan Engine Caching	Up to 4.3.16.39
Symantec Symantec Mail Security Exchange	Up to 4.6.5.12
Symantec Symantec Mail Security Exchange	Up to 5.0.4.363