CVE-2008-0309
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD
Description
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
Affected (13)
Products: Symantec: Scan Engine, Symantec Antivirus Filtering Domino Mpe, Symantec Antivirus Network Attached Storage, Symantec Antivirus Scan Engine, Symantec Antivirus Scan Engine Caching, Symantec Antivirus Scan Engine Clearswift, Symantec Antivirus Scan Engine For Microsoft Sharepoint, Symantec Antivirus Scan Engine For Ms Isa, Symantec Antivirus Scan Engine Messaging, Symantec Mail Security For Microsoft Exchange
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 5.1.4.24 | |
| Up to 3.0.12 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.3.16.39 | |
| Up to 4.6.5.12 |
References (12)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.