Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3244

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3244
Last Modified 07 Mar 2011 10:10:27
Published 21 Jul 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3244

Summary

The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.

Vulnerable Systems

Application

  • F-prot Antivirus 3.11b

  • F-prot Antivirus 3.12

  • F-prot Antivirus 3.12a

  • F-prot Antivirus 3.12b

  • F-prot Antivirus 3.12c

  • F-prot Antivirus 3.12d

  • F-prot Antivirus 3.13

  • F-prot Antivirus 3.13a

  • F-prot Antivirus 3.14

  • F-prot Antivirus 3.14a

  • F-prot Antivirus 3.14b

  • F-prot Antivirus 3.14c

  • F-prot Antivirus 3.14d

  • F-prot Antivirus 3.14e

  • F-prot Antivirus 3.15

  • F-prot Antivirus 3.15a

  • F-prot Antivirus 3.15b

  • F-prot Antivirus 3.16

  • F-prot Antivirus 3.16a

  • F-prot Antivirus 3.16b

  • F-prot Antivirus 3.16c

  • F-prot Antivirus 3.16d

  • F-prot Antivirus 3.16e

  • F-prot Antivirus 3.16f

  • F-prot Antivirus 4.6.6

  • F-prot Antivirus 6.0.5

  • F-prot Antivirus 6.0.5.1

  • F-prot Antivirus 6.0.6

  • F-prot Antivirus 6.0.6.1

  • F-prot Antivirus 6.0.6.3

  • F-prot Antivirus 6.0.6.4

  • F-prot Antivirus 6.0.7

  • F-prot Antivirus 6.0.7.1

  • F-prot Antivirus 6.0.8

  • F-prot Scanning Engine 4.3.2


References

XF - fprotantivirus-chm-dos(43835)

VUPEN - ADV-2008-2124

SECTRACK - 1020507

BID - 30253

MISC - http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php

CONFIRM - http://www.f-prot.com/download/ReleaseNotesWindows.txt

SECUNIA - 31118


Last Updated: 27 May 2016 10:48:08