CVE Vulnerabilities

CVE-2008-0308

Published: Feb 28, 2008 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Affected Software

Name Vendor Start Version End Version
Scan_engine Symantec * 5.1.4.24
Symantec_antivirus_clearswift Symantec * 4.3.16.39
Symantec_antivirus_filtering_domino_mpe Symantec * 3.0.12
Symantec_antivirus_filtering_domino_mpe Symantec * 3.0.12
Symantec_antivirus_filtering_domino_mpe Symantec * 3.0.12
Symantec_antivirus_messaging Symantec * 4.3.16.39
Symantec_antivirus_microsoft_sharepoint Symantec * 4.3.16.39
Symantec_antivirus_ms_isa Symantec * 4.3.16.39
Symantec_antivirus_network_attached_storage Symantec * 4.3.16.39
Symantec_antivirus_scan_engine Symantec * 4.3.16.39
Symantec_antivirus_scan_engine_caching Symantec * 4.3.16.39
Symantec_mail_security_exchange Symantec * 4.6.5.12
Symantec_mail_security_exchange Symantec * 5.0.4.363

References