Vulnerability CVE-2008-0309


Published: 2008-02-28   Modified: 2012-02-12

Description:
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Type:
CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10

Exploit range: Remote
Attack complexity: Medium
Authentication: Not required

Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Affected software:
Symantec -> Scan engine 
Symantec -> Symantec antivirus filtering domino mpe 
Symantec -> Symantec antivirus network attached storage 
Symantec -> Symantec antivirus scan engine 
Symantec -> Symantec antivirus scan engine caching 
Symantec -> Symantec antivirus scan engine clearswift 
Symantec -> Symantec antivirus scan engine for microsoft sharepoint 
Symantec -> Symantec antivirus scan engine for ms isa 
Symantec -> Symantec antivirus scan engine messaging 
Symantec -> Symantec mail security for microsoft exchange 

References:
http://www.vupen.com/english/advisories/2008/0680
http://www.symantec.com/avcenter/security/Content/2008.02.27.html
http://www.securitytracker.com/id?1019503
http://www.securityfocus.com/bid/27913
http://secunia.com/advisories/29140
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667
