CVE-2008-0308
First published: Thu Feb 28 2008(Updated: )
Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Scan Engine | <=5.1.4.24 | |
| Symantec Antivirus | <=4.3.16.39 | |
| Symantec Antivirus Filtering for Domino | <=3.0.12 | |
| Symantec Antivirus Filtering for Domino | <=3.0.12 | |
| Symantec Antivirus Filtering for Domino | <=3.0.12 | |
| Symantec Antivirus | <=4.3.16.39 | |
| Symantec Antivirus | <=4.3.16.39 | |
| Symantec Antivirus | <=4.3.16.39 | |
| Symantec Antivirus for Network Attached Storage | <=4.3.16.39 | |
| Symantec Scan Engine | <=4.3.16.39 | |
| Symantec Antivirus Scan Engine | <=4.3.16.39 | |
| Symantec Mail Security for Microsoft Exchange | <=4.6.5.12 | |
| Symantec Mail Security for Microsoft Exchange | <=5.0.4.363 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666
- http://www.symantec.com/avcenter/security/Content/2008.02.27.html
- http://www.securityfocus.com/bid/27911
- http://secunia.com/advisories/29140
- http://www.securitytracker.com/id?1019503
- http://www.vupen.com/english/advisories/2008/0680
Frequently Asked Questions
What is the severity of CVE-2008-0308?
CVE-2008-0308 is categorized as a denial of service vulnerability with medium severity.
How do I fix CVE-2008-0308?
To fix CVE-2008-0308, upgrade to Symantec Scan Engine version 5.1.6.31 or later.
Which Symantec products are affected by CVE-2008-0308?
CVE-2008-0308 affects various Symantec products including Symantec Scan Engine and several versions of Symantec Antivirus.
What type of attack does CVE-2008-0308 enable?
CVE-2008-0308 enables remote attackers to cause a denial of service through memory consumption.
Can malformed RAR files exploit CVE-2008-0308?
Yes, malformed RAR files targeting the ICAP port can exploit CVE-2008-0308.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/symantec
- canonical/symantec scan engine
- version/symantec scan engine/5.1.4.24
- canonical/symantec antivirus
- version/symantec antivirus/4.3.16.39
- canonical/symantec antivirus filtering for domino
- version/symantec antivirus filtering for domino/3.0.12
- canonical/symantec antivirus for network attached storage
- version/symantec antivirus for network attached storage/4.3.16.39
- version/symantec scan engine/4.3.16.39
- canonical/symantec antivirus scan engine
- version/symantec antivirus scan engine/4.3.16.39
- canonical/symantec mail security for microsoft exchange
- version/symantec mail security for microsoft exchange/4.6.5.12
- version/symantec mail security for microsoft exchange/5.0.4.363