Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0314

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0314
Last Modified 07 Mar 2011 10:04:19
Published 16 Apr 2008 11:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0314

Summary

Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.92.1


References

CERT - TA08-260A

CERT-VN - VU#858595

VUPEN - ADV-2008-2584

VUPEN - ADV-2008-1227

CONFIRM - http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html

GENTOO - GLSA-200805-19

SECUNIA - 31882

SECUNIA - 31576

APPLE - APPLE-SA-2008-09-15

IDEFENSE - 20080414 ClamAV libclamav PeSpin Heap Overflow Vulnerability

CONFIRM - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=876

FEDORA - FEDORA-2008-3900

FEDORA - FEDORA-2008-3420

FEDORA - FEDORA-2008-3358

XF - clamav-spin-bo(41823)

SECTRACK - 1019851

BID - 28784

MANDRIVA - MDVSA-2008:088

DEBIAN - DSA-1549

CONFIRM - http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog

SECUNIA - 30328

SECUNIA - 30253

SECUNIA - 29975

SECUNIA - 29891

SECUNIA - 29886

SECUNIA - 29863

SUSE - SUSE-SA:2008:024

CONFIRM - http://kolab.org/security/kolab-vendor-notice-20.txt

Related Patches

Apple 2008-09-15 Security Update 2008-006 (PPC)

Apple 2008-09-15 Security Update 2008-006 Server (PPC)

Apple 2008-09-15 Mac OS X 10.5.5 Update

Apple 2008-09-15 Mac OS X Server 10.5.5 Combo Update

Apple 2008-09-15 Mac OS X Server 10.5.5 Update

Apple 2008-09-15 Security Update 2008-006 (Intel)

Apple 2008-09-15 Mac OS X 10.5.5 Combo Update

Apple 2008-09-15 Security Update 2008-006 Server (Intel)


Last Updated: 27 May 2016 10:46:46