Vulnerability CVE-2008-0309


Published: 2008-02-28   Modified: 2012-02-12

Description:
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Symantec
Product: Scan engine 
Version: 5.1.4.24;
Product: Symantec mail security for microsoft exchange 
Version: 5.0.4.363; 4.6.5.12;
Product: Symantec antivirus scan engine clearswift 
Version: 4.3.16.39;
Product: Symantec antivirus scan engine for ms isa 
Version: 4.3.16.39;
Product: Symantec antivirus network attached storage 
Version: 4.3.16.39;
Product: Symantec antivirus scan engine caching 
Version: 4.3.16.39;
Product: Symantec antivirus scan engine for microsoft sharepoint 
Version: 4.3.16.39;
Product: Symantec antivirus scan engine messaging 
Version: 4.3.16.39;
Product: Symantec antivirus scan engine 
Version: 4.3.16.39;
Product: Symantec antivirus filtering domino mpe 
Version: 3.0.12;

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.vupen.com/english/advisories/2008/0680
http://www.symantec.com/avcenter/security/Content/2008.02.27.html
http://www.securitytracker.com/id?1019503
http://www.securityfocus.com/bid/27913
http://secunia.com/advisories/29140
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667

Related CVE
CVE-2019-12750
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue wh...
CVE-2019-12751
Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are nor...
CVE-2019-9703
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVE-2019-9702
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVE-2019-9701
DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability m...
CVE-2018-18367
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution ...
CVE-2018-18366
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptibl...
CVE-2018-12244
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input in...

Copyright 2019, cxsecurity.com

 

Back to Top