cpe:/a:symantec:scan_engine:5.1.4.24 cpe:/a:symantec:symantec_antivirus_filtering_domino_mpe:3.0.12::aix cpe:/a:symantec:symantec_antivirus_filtering_domino_mpe:3.0.12::linux cpe:/a:symantec:symantec_antivirus_filtering_domino_mpe:3.0.12::solaris cpe:/a:symantec:symantec_antivirus_network_attached_storage:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine_caching:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine_clearswift:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine_for_microsoft_sharepoint:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine_for_ms_isa:4.3.16.39 cpe:/a:symantec:symantec_antivirus_scan_engine_messaging:4.3.16.39 cpe:/a:symantec:symantec_mail_security_for_microsoft_exchange:4.6.5.12 cpe:/a:symantec:symantec_mail_security_for_microsoft_exchange:5.0.4.363 CVE-2008-0309 2008-02-28T15:44:00.000-05:00 2011-03-07T22:04:18.453-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-02-29T10:16:00.000-05:00 ALLOWS_OTHER_ACCESS SECTRACK 1019503 IDEFENSE 20080226 Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability BID 27913 SECUNIA 29140 VUPEN ADV-2008-0680 IAVM IAVM:2008-B-0020 CONFIRM http://www.symantec.com/avcenter/security/Content/2008.02.27.html Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).