[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5314Date: (C)2008-12-03   (M)2023-12-22


Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1021296
BID-32555
SECUNIA-32926
SECUNIA-32936
SECUNIA-33016
SECUNIA-33195
SECUNIA-33317
SECUNIA-33937
OSVDB-50363
EXPLOIT-DB-7330
ADV-2008-3311
ADV-2009-0422
APPLE-SA-2009-02-12
DSA-1680
GLSA-200812-21
MDVSA-2008:239
SUSE-SR:2008:028
USN-684-1
http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html
http://www.openwall.com/lists/oss-security/2008/12/01/8
clamav-special-dos(46985)
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134
http://support.apple.com/kb/HT3438
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266

CWE    1
CWE-399
OVAL    2
oval:org.secpod.oval:def:301546
oval:org.mitre.oval:def:8113

© SecPod Technologies