cvelistv5 - CVE-2008-0308

CVE-2008-0308 (GCVE-0-2008-0308)

Vulnerability from cvelistv5 – Published: 2008-02-28 20:00 – Updated: 2024-08-07 07:39

Summary

Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.symantec.com/avcenter/security/Content…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0680	vdb-entryx_refsource_VUPEN
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.securityfocus.com/bid/27911	vdb-entryx_refsource_BID
	http://secunia.com/advisories/29140	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1019503	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:39:35.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
          },
          {
            "name": "ADV-2008-0680",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0680"
          },
          {
            "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
          },
          {
            "name": "27911",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27911"
          },
          {
            "name": "29140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29140"
          },
          {
            "name": "1019503",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019503"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-03-11T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
        },
        {
          "name": "ADV-2008-0680",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0680"
        },
        {
          "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
        },
        {
          "name": "27911",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27911"
        },
        {
          "name": "29140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29140"
        },
        {
          "name": "1019503",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019503"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0308",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
            },
            {
              "name": "ADV-2008-0680",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0680"
            },
            {
              "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
            },
            {
              "name": "27911",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27911"
            },
            {
              "name": "29140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29140"
            },
            {
              "name": "1019503",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019503"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0308",
    "datePublished": "2008-02-28T20:00:00",
    "dateReserved": "2008-01-16T00:00:00",
    "dateUpdated": "2024-08-07T07:39:35.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.1.4.24\", \"matchCriteriaId\": \"AB87EEAE-C3E0-4145-B218-9D408F92019D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_clearswift:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"2338E29E-E63A-46BE-B07C-67360F06407E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:aix:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.12\", \"matchCriteriaId\": \"16D7344B-86C6-4F85-A3BC-F0923BE01BBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:linux:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.12\", \"matchCriteriaId\": \"852B500B-D411-4423-95A8-EEC05AFEAC31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:solaris:*:*:*:*:*\", \"versionEndIncluding\": \"3.0.12\", \"matchCriteriaId\": \"C0B93FAE-4014-4417-A46A-3F52667E223F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_messaging:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"5F8F198A-1410-4FDD-9906-BFBFE7056603\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_microsoft_sharepoint:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"8A4202FC-FF3F-4450-A3DE-7077FDCDE62A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_ms_isa:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"4ABF5B1A-8CC8-42AD-95E9-4957EE4B0FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"90C81F8F-8176-4EB2-B61B-08A3F8958628\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_scan_engine:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"E648A3CF-2DB0-4578-8FF4-E8DB7DEE249F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.3.16.39\", \"matchCriteriaId\": \"F10B5FA2-D60A-4ECD-98D5-24E2AC227604\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.6.5.12\", \"matchCriteriaId\": \"7FEB2137-CCAA-436B-9152-0C82A922AE75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.0.4.363\", \"matchCriteriaId\": \"95F252AB-3D74-46C1-BF05-8FEE8F87308F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).\"}, {\"lang\": \"es\", \"value\": \"Symantec Decomposer, como se usa en ciertos productos antivirus Symantec  incluyendo Symantec Scan Engine 5.1.2 y otras versiones antes de 5.1.6.31, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (agotamiento de memoria) a trav\\u00e9s de un archivo RAR mal formado al puerto (1344/tcp) del Internet Content Adaptation Protocol (ICAP) (Protocolo de Adaptaci\\u00f3n de Contenido de Internet).\"}]",
      "id": "CVE-2008-0308",
      "lastModified": "2024-11-21T00:41:38.403",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-02-28T20:44:00.000",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29140\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27911\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1019503\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2008.02.27.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0680\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/29140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27911\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1019503\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2008.02.27.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0680\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0308\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-02-28T20:44:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).\"},{\"lang\":\"es\",\"value\":\"Symantec Decomposer, como se usa en ciertos productos antivirus Symantec  incluyendo Symantec Scan Engine 5.1.2 y otras versiones antes de 5.1.6.31, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de memoria) a trav\u00e9s de un archivo RAR mal formado al puerto (1344/tcp) del Internet Content Adaptation Protocol (ICAP) (Protocolo de Adaptaci\u00f3n de Contenido de Internet).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1.4.24\",\"matchCriteriaId\":\"AB87EEAE-C3E0-4145-B218-9D408F92019D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_clearswift:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"2338E29E-E63A-46BE-B07C-67360F06407E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:aix:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.12\",\"matchCriteriaId\":\"16D7344B-86C6-4F85-A3BC-F0923BE01BBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:linux:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.12\",\"matchCriteriaId\":\"852B500B-D411-4423-95A8-EEC05AFEAC31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:solaris:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.12\",\"matchCriteriaId\":\"C0B93FAE-4014-4417-A46A-3F52667E223F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_messaging:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"5F8F198A-1410-4FDD-9906-BFBFE7056603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_microsoft_sharepoint:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"8A4202FC-FF3F-4450-A3DE-7077FDCDE62A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_ms_isa:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"4ABF5B1A-8CC8-42AD-95E9-4957EE4B0FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"90C81F8F-8176-4EB2-B61B-08A3F8958628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_scan_engine:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"E648A3CF-2DB0-4578-8FF4-E8DB7DEE249F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.3.16.39\",\"matchCriteriaId\":\"F10B5FA2-D60A-4ECD-98D5-24E2AC227604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.6.5.12\",\"matchCriteriaId\":\"7FEB2137-CCAA-436B-9152-0C82A922AE75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.0.4.363\",\"matchCriteriaId\":\"95F252AB-3D74-46C1-BF05-8FEE8F87308F\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29140\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27911\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019503\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2008.02.27.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0680\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27911\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2008.02.27.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/0680\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-5MVP-G227-PRCQ

Vulnerability from github – Published: 2022-05-01 23:28 – Updated: 2022-05-01 23:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0308"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-02-28T20:44:00Z",
    "severity": "HIGH"
  },
  "details": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).",
  "id": "GHSA-5mvp-g227-prcq",
  "modified": "2022-05-01T23:28:59Z",
  "published": "2022-05-01T23:28:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0308"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29140"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27911"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019503"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0680"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-0308

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0308

Aliases

CVE-2008-0308

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0308",
    "description": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).",
    "id": "GSD-2008-0308"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0308"
      ],
      "details": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).",
      "id": "GSD-2008-0308",
      "modified": "2023-12-13T01:22:59.006867Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0308",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html",
            "refsource": "CONFIRM",
            "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
          },
          {
            "name": "ADV-2008-0680",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0680"
          },
          {
            "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
          },
          {
            "name": "27911",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27911"
          },
          {
            "name": "29140",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29140"
          },
          {
            "name": "1019503",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019503"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:aix:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.6.5.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.0.4.363",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_messaging:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_microsoft_sharepoint:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_ms_isa:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1.4.24",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_clearswift:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3.16.39",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0308"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
            },
            {
              "name": "27911",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27911"
            },
            {
              "name": "29140",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29140"
            },
            {
              "name": "1019503",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019503"
            },
            {
              "name": "ADV-2008-0680",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0680"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T03:04Z",
      "publishedDate": "2008-02-28T20:44Z"
    }
  }
}

CERTA-2008-AVI-107

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans le moteur Symantec Decomposer permettent de réaliser un déni de service et d'exécuter du code arbitraire à distance.

Description

Deux vulnérabilités ont été découvertes dans le moteur Symantec Decomposer lors du traitement d'archives RAR. La première faille permet de réaliser un déni de service à distance par consommation excessive de la mémoire. La seconde, de type débordement de mémoire, permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec Antivirus Scan Engine for Clearswift versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec AntiVirus for Network Attached Storage versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Scan Engine versions 5.1.4.24 et antérieures.
Symantec	N/A	toutes les versions de Symantec AntiVirus/Filtering for Domino MPE ;
Symantec	N/A	Symantec AntiVirus Scan Engine versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for Messaging versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for MS ISA versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 4.6.5.12 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for MS SharePoint versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 5.0.4.363 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for Caching versions 4.3.16.39 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité SYM08-006 du 26 février 2008	None	vendor-advisory
Bulletin de sécurité Symantec SYM08-006 du 26 février 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Antivirus Scan Engine for Clearswift versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec AntiVirus for Network Attached Storage versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Scan Engine versions 5.1.4.24 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Symantec AntiVirus/Filtering for Domino MPE ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec AntiVirus Scan Engine versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for Messaging versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for MS ISA versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Microsoft Exchange versions 4.6.5.12 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for MS SharePoint versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Microsoft Exchange versions 5.0.4.363 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for Caching versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le moteur Symantec\nDecomposer lors du traitement d\u0027archives RAR. La premi\u00e8re faille permet\nde r\u00e9aliser un d\u00e9ni de service \u00e0 distance par consommation excessive de\nla m\u00e9moire. La seconde, de type d\u00e9bordement de m\u00e9moire, permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0308"
    },
    {
      "name": "CVE-2008-0309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0309"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM08-006 du 26 f\u00e9vrier 2008    :",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.02.27.html"
    }
  ],
  "reference": "CERTA-2008-AVI-107",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans le moteur \u003cspan class=\"textit\"\u003eSymantec\nDecomposer\u003c/span\u003e permettent de r\u00e9aliser un d\u00e9ni de service et\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Symantec Decomposer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SYM08-006 du 26 f\u00e9vrier 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-107

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans le moteur Symantec Decomposer permettent de réaliser un déni de service et d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec Antivirus Scan Engine for Clearswift versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec AntiVirus for Network Attached Storage versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Scan Engine versions 5.1.4.24 et antérieures.
Symantec	N/A	toutes les versions de Symantec AntiVirus/Filtering for Domino MPE ;
Symantec	N/A	Symantec AntiVirus Scan Engine versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for Messaging versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for MS ISA versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 4.6.5.12 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for MS SharePoint versions 4.3.16.39 et antérieures ;
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 5.0.4.363 et antérieures ;
Symantec	N/A	Symantec Antivirus Scan Engine for Caching versions 4.3.16.39 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité SYM08-006 du 26 février 2008	None	vendor-advisory
Bulletin de sécurité Symantec SYM08-006 du 26 février 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Antivirus Scan Engine for Clearswift versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec AntiVirus for Network Attached Storage versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Scan Engine versions 5.1.4.24 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "toutes les versions de Symantec AntiVirus/Filtering for Domino MPE ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec AntiVirus Scan Engine versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for Messaging versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for MS ISA versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Microsoft Exchange versions 4.6.5.12 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for MS SharePoint versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Microsoft Exchange versions 5.0.4.363 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Antivirus Scan Engine for Caching versions 4.3.16.39 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le moteur Symantec\nDecomposer lors du traitement d\u0027archives RAR. La premi\u00e8re faille permet\nde r\u00e9aliser un d\u00e9ni de service \u00e0 distance par consommation excessive de\nla m\u00e9moire. La seconde, de type d\u00e9bordement de m\u00e9moire, permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0308"
    },
    {
      "name": "CVE-2008-0309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0309"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM08-006 du 26 f\u00e9vrier 2008    :",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.02.27.html"
    }
  ],
  "reference": "CERTA-2008-AVI-107",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans le moteur \u003cspan class=\"textit\"\u003eSymantec\nDecomposer\u003c/span\u003e permettent de r\u00e9aliser un d\u00e9ni de service et\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Symantec Decomposer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SYM08-006 du 26 f\u00e9vrier 2008",
      "url": null
    }
  ]
}

FKIE_CVE-2008-0308

Vulnerability from fkie_nvd - Published: 2008-02-28 20:44 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666
cve@mitre.org	http://secunia.com/advisories/29140	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/27911
cve@mitre.org	http://www.securitytracker.com/id?1019503
cve@mitre.org	http://www.symantec.com/avcenter/security/Content/2008.02.27.html
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0680
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27911
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019503
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2008.02.27.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0680

Impacted products

Vendor	Product	Version
symantec	scan_engine	*
symantec	symantec_antivirus_clearswift	*
symantec	symantec_antivirus_filtering_domino_mpe	*
symantec	symantec_antivirus_filtering_domino_mpe	*
symantec	symantec_antivirus_filtering_domino_mpe	*
symantec	symantec_antivirus_messaging	*
symantec	symantec_antivirus_microsoft_sharepoint	*
symantec	symantec_antivirus_ms_isa	*
symantec	symantec_antivirus_network_attached_storage	*
symantec	symantec_antivirus_scan_engine	*
symantec	symantec_antivirus_scan_engine_caching	*
symantec	symantec_mail_security_exchange	*
symantec	symantec_mail_security_exchange	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB87EEAE-C3E0-4145-B218-9D408F92019D",
              "versionEndIncluding": "5.1.4.24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_clearswift:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2338E29E-E63A-46BE-B07C-67360F06407E",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:aix:*:*:*:*:*",
              "matchCriteriaId": "16D7344B-86C6-4F85-A3BC-F0923BE01BBA",
              "versionEndIncluding": "3.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:linux:*:*:*:*:*",
              "matchCriteriaId": "852B500B-D411-4423-95A8-EEC05AFEAC31",
              "versionEndIncluding": "3.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C0B93FAE-4014-4417-A46A-3F52667E223F",
              "versionEndIncluding": "3.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_messaging:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F8F198A-1410-4FDD-9906-BFBFE7056603",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_microsoft_sharepoint:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4202FC-FF3F-4450-A3DE-7077FDCDE62A",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_ms_isa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ABF5B1A-8CC8-42AD-95E9-4957EE4B0FA1",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C81F8F-8176-4EB2-B61B-08A3F8958628",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E648A3CF-2DB0-4578-8FF4-E8DB7DEE249F",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F10B5FA2-D60A-4ECD-98D5-24E2AC227604",
              "versionEndIncluding": "4.3.16.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FEB2137-CCAA-436B-9152-0C82A922AE75",
              "versionEndIncluding": "4.6.5.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:symantec_mail_security_exchange:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95F252AB-3D74-46C1-BF05-8FEE8F87308F",
              "versionEndIncluding": "5.0.4.363",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."
    },
    {
      "lang": "es",
      "value": "Symantec Decomposer, como se usa en ciertos productos antivirus Symantec  incluyendo Symantec Scan Engine 5.1.2 y otras versiones antes de 5.1.6.31, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de memoria) a trav\u00e9s de un archivo RAR mal formado al puerto (1344/tcp) del Internet Content Adaptation Protocol (ICAP) (Protocolo de Adaptaci\u00f3n de Contenido de Internet)."
    }
  ],
  "id": "CVE-2008-0308",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-28T20:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29140"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/27911"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019503"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0680"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0308 (GCVE-0-2008-0308)

GHSA-5MVP-G227-PRCQ

GSD-2008-0308

CERTA-2008-AVI-107

Description

Solution

CERTA-2008-AVI-107

Description

Solution

FKIE_CVE-2008-0308

Tags

Sightings

Nomenclature