CVE-2008-0858

Published: Feb 21, 2008Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors.

Affected (2)

Products: Kerio: Kerio Mailserver · Visnetic: Visnetic Antivirus Plug In For Mail Server

Kerio

1 product

Kerio Mailserver

Visnetic

1 product

Visnetic Antivirus Plug In For Mail Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Kerio Kerio Mailserver	Up to 6.4.2
Visnetic Visnetic Antivirus Plug In For Mail Server	All versions

Related CWEs

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (10)

http://secunia.com/advisories/29021

Source: cve@mitre.org

PatchVendor Advisory

http://www.kerio.com/kms_history.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/27868

Source: cve@mitre.org

http://www.securitytracker.com/id?1019428

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0594

Source: cve@mitre.org

http://secunia.com/advisories/29021