Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0309

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-0309
Last Modified 07 Mar 2011 10:04:18
Published 28 Feb 2008 03:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0309

Summary

Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Vulnerable Systems

Application

  • Symantec Antivirus Filtering Domino Mpe 3.0.12

  • Symantec Antivirus Network Attached Storage 4.3.16.39

  • Symantec Antivirus Scan Engine 4.3.16.39

  • Symantec Antivirus Scan Engine Caching 4.3.16.39

  • Symantec Antivirus Scan Engine Clearswift 4.3.16.39

  • Symantec Antivirus Scan Engine For Microsoft Sharepoint 4.3.16.39

  • Symantec Antivirus Scan Engine For Ms Isa 4.3.16.39

  • Symantec Antivirus Scan Engine Messaging 4.3.16.39

  • Symantec Mail Security For Microsoft Exchange 4.6.5.12

  • Symantec Mail Security For Microsoft Exchange 5.0.4.363

  • Symantec Scan Engine 5.1.4.24


References

VUPEN - ADV-2008-0680

CONFIRM - http://www.symantec.com/avcenter/security/Content/2008.02.27.html

SECTRACK - 1019503

BID - 27913

SECUNIA - 29140

IDEFENSE - 20080226 Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability


Last Updated: 27 May 2016 10:46:46