ID CVE-2008-5314
Summary Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
References
Vulnerable Configurations
  • cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.80:rc:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.80:rc:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.91:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.91:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.91.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.91.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.91.2:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.91.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.93.1:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.93.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.93.3:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.93.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:0.94:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.94:*:*:*:*:*:*:*
  • cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 29-09-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
apple APPLE-SA-2009-02-12
bid 32555
confirm
debian DSA-1680
exploit-db 7330
gentoo GLSA-200812-21
mandriva MDVSA-2008:239
mlist
  • [clamav-announce] 20081126 announcing ClamAV 0.94.2
  • [oss-security] 20081201 CVE request: clamav 0.94.2
osvdb 50363
sectrack 1021296
secunia
  • 32926
  • 32936
  • 33016
  • 33195
  • 33317
  • 33937
suse SUSE-SR:2008:028
ubuntu USN-684-1
vupen
  • ADV-2008-3311
  • ADV-2009-0422
xf clamav-special-dos(46985)
Last major update 29-09-2017 - 01:32
Published 03-12-2008 - 17:30
Last modified 29-09-2017 - 01:32
Back to Top