What is the severity of CVE-2008-1837?

CVE-2008-1837 has been rated as a medium severity vulnerability due to its potential to cause a denial of service via specially crafted RAR files.

How do I fix CVE-2008-1837?

To fix CVE-2008-1837, upgrade ClamAV to version 0.93 or later, which addresses the memory issues associated with this vulnerability.

Who is affected by CVE-2008-1837?

CVE-2008-1837 affects all versions of ClamAV prior to 0.93, including multiple earlier versions up to 0.92.1.

What kind of attack does CVE-2008-1837 enable?

CVE-2008-1837 enables remote attackers to crash the application, leading to a denial of service by using maliciously crafted RAR files.

When was CVE-2008-1837 disclosed?

CVE-2008-1837 was disclosed in April 2008, highlighting its impact on ClamAV versions prior to the release of version 0.93.

Vulnerability/
CVE-2008-1837

medium

CWE

399

16/4/2008

7/8/2024

CVE-2008-1837

First published: Wed Apr 16 2008(Updated: )

libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
ClamXAV	=0.24
ClamXAV	=0.20
ClamXAV	=0.84
ClamXAV	=0.92
ClamXAV	=0.90rc1
ClamXAV	=0.91.2
ClamXAV	=0.80
ClamXAV	=0.90.1
ClamXAV	=0.84_rc1
ClamXAV	=0.91
ClamXAV	=0.15
ClamXAV	=0.90
ClamXAV	=0.80_rc3
ClamXAV	=0.80_rc4
ClamXAV	=0.65
ClamXAV	=0.75
ClamXAV	=0.68
ClamXAV	<=0.92.1
ClamXAV	=0.71
ClamXAV	=0.88.3
ClamXAV	=0.88.7
ClamXAV	=0.86.1
ClamXAV	=0.82
ClamXAV	=0.88.1
ClamXAV	=0.91.1
ClamXAV	=0.73
ClamXAV	=0.72
ClamXAV	=0.85.1
ClamXAV	=0.87
ClamXAV	=0.86_rc1
ClamXAV	=0.85
ClamXAV	=0.80_rc1
ClamXAV	=0.74
ClamXAV	=0.75.1
ClamXAV	=0.86.2
ClamXAV	=0.67
ClamXAV	=0.81
ClamXAV	=0.90.2
ClamXAV	=0.21
ClamXAV	=0.81_rc1
ClamXAV	=0.54
ClamXAV	=0.88.6
ClamXAV	=0.53
ClamXAV	=0.70
ClamXAV	=0.90_rc1.1
ClamXAV	=0.60p
ClamXAV	=0.90_rc2
ClamXAV	=0.90_rc3
ClamXAV	=0.91rc2
ClamXAV	=0.80_rc2
ClamXAV	=0.88.5
ClamXAV	=0.60
ClamXAV	=0.86
ClamXAV	=0.91rc1
ClamXAV	=0.83
ClamXAV	=0.68.1
ClamXAV	=0.88
ClamXAV	=0.87.1
ClamXAV	=0.88.4
ClamXAV	=0.84_rc2
ClamXAV	=0.51
ClamXAV	=0.23
ClamXAV	=0.52
ClamXAV	=0.22
ClamAV	<=0.92.1
ClamAV	=0.15
ClamAV	=0.20
ClamAV	=0.21
ClamAV	=0.22
ClamAV	=0.23
ClamAV	=0.24
ClamAV	=0.51
ClamAV	=0.52
ClamAV	=0.53
ClamAV	=0.54
ClamAV	=0.60
ClamAV	=0.60p
ClamAV	=0.65
ClamAV	=0.67
ClamAV	=0.68
ClamAV	=0.68.1
ClamAV	=0.70
ClamAV	=0.71
ClamAV	=0.72
ClamAV	=0.73
ClamAV	=0.74
ClamAV	=0.75
ClamAV	=0.75.1
ClamAV	=0.80
ClamAV	=0.80_rc1
ClamAV	=0.80_rc2
ClamAV	=0.80_rc3
ClamAV	=0.80_rc4
ClamAV	=0.81
ClamAV	=0.81_rc1
ClamAV	=0.82
ClamAV	=0.83
ClamAV	=0.84
ClamAV	=0.84_rc1
ClamAV	=0.84_rc2
ClamAV	=0.85
ClamAV	=0.85.1
ClamAV	=0.86
ClamAV	=0.86.1
ClamAV	=0.86.2
ClamAV	=0.86_rc1
ClamAV	=0.87
ClamAV	=0.87.1
ClamAV	=0.88
ClamAV	=0.88.1
ClamAV	=0.88.3
ClamAV	=0.88.4
ClamAV	=0.88.5
ClamAV	=0.88.6
ClamAV	=0.88.7
ClamAV	=0.90
ClamAV	=0.90.1
ClamAV	=0.90.2
ClamAV	=0.90_rc1.1
ClamAV	=0.90_rc2
ClamAV	=0.90_rc3
ClamAV	=0.90rc1
ClamAV	=0.91
ClamAV	=0.91.1
ClamAV	=0.91.2
ClamAV	=0.91rc1
ClamAV	=0.91rc2
ClamAV	=0.92

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-1837?
CVE-2008-1837 has been rated as a medium severity vulnerability due to its potential to cause a denial of service via specially crafted RAR files.
How do I fix CVE-2008-1837?
To fix CVE-2008-1837, upgrade ClamAV to version 0.93 or later, which addresses the memory issues associated with this vulnerability.
Who is affected by CVE-2008-1837?
CVE-2008-1837 affects all versions of ClamAV prior to 0.93, including multiple earlier versions up to 0.92.1.
What kind of attack does CVE-2008-1837 enable?
CVE-2008-1837 enables remote attackers to crash the application, leading to a denial of service by using maliciously crafted RAR files.
When was CVE-2008-1837 disclosed?
CVE-2008-1837 was disclosed in April 2008, highlighting its impact on ClamAV versions prior to the release of version 0.93.

agent/weakness
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
collector/nvd-historical
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/clam anti-virus
canonical/clamxav
version/clamxav/0.24
version/clamxav/0.20
version/clamxav/0.84
version/clamxav/0.92
version/clamxav/0.90rc1
version/clamxav/0.91.2
version/clamxav/0.80
version/clamxav/0.90.1
version/clamxav/0.84_rc1
version/clamxav/0.91
version/clamxav/0.15
version/clamxav/0.90
version/clamxav/0.80_rc3
version/clamxav/0.80_rc4
version/clamxav/0.65
version/clamxav/0.75
version/clamxav/0.68
version/clamxav/0.92.1
version/clamxav/0.71
version/clamxav/0.88.3
version/clamxav/0.88.7
version/clamxav/0.86.1
version/clamxav/0.82
version/clamxav/0.88.1
version/clamxav/0.91.1
version/clamxav/0.73
version/clamxav/0.72
version/clamxav/0.85.1
version/clamxav/0.87
version/clamxav/0.86_rc1
version/clamxav/0.85
version/clamxav/0.80_rc1
version/clamxav/0.74
version/clamxav/0.75.1
version/clamxav/0.86.2
version/clamxav/0.67
version/clamxav/0.81
version/clamxav/0.90.2
version/clamxav/0.21
version/clamxav/0.81_rc1
version/clamxav/0.54
version/clamxav/0.88.6
version/clamxav/0.53
version/clamxav/0.70
version/clamxav/0.90_rc1.1
version/clamxav/0.60p
version/clamxav/0.90_rc2
version/clamxav/0.90_rc3
version/clamxav/0.91rc2
version/clamxav/0.80_rc2
version/clamxav/0.88.5
version/clamxav/0.60
version/clamxav/0.86
version/clamxav/0.91rc1
version/clamxav/0.83
version/clamxav/0.68.1
version/clamxav/0.88
version/clamxav/0.87.1
version/clamxav/0.88.4
version/clamxav/0.84_rc2
version/clamxav/0.51
version/clamxav/0.23
version/clamxav/0.52
version/clamxav/0.22
canonical/clamav
version/clamav/0.92.1
version/clamav/0.15
version/clamav/0.20
version/clamav/0.21
version/clamav/0.22
version/clamav/0.23
version/clamav/0.24
version/clamav/0.51
version/clamav/0.52
version/clamav/0.53
version/clamav/0.54
version/clamav/0.60
version/clamav/0.60p
version/clamav/0.65
version/clamav/0.67
version/clamav/0.68
version/clamav/0.68.1
version/clamav/0.70
version/clamav/0.71
version/clamav/0.72
version/clamav/0.73
version/clamav/0.74
version/clamav/0.75
version/clamav/0.75.1
version/clamav/0.80
version/clamav/0.80_rc1
version/clamav/0.80_rc2
version/clamav/0.80_rc3
version/clamav/0.80_rc4
version/clamav/0.81
version/clamav/0.81_rc1
version/clamav/0.82
version/clamav/0.83
version/clamav/0.84
version/clamav/0.84_rc1
version/clamav/0.84_rc2
version/clamav/0.85
version/clamav/0.85.1
version/clamav/0.86
version/clamav/0.86.1
version/clamav/0.86.2
version/clamav/0.86_rc1
version/clamav/0.87
version/clamav/0.87.1
version/clamav/0.88
version/clamav/0.88.1
version/clamav/0.88.3
version/clamav/0.88.4
version/clamav/0.88.5
version/clamav/0.88.6
version/clamav/0.88.7
version/clamav/0.90
version/clamav/0.90.1
version/clamav/0.90.2
version/clamav/0.90_rc1.1
version/clamav/0.90_rc2
version/clamav/0.90_rc3
version/clamav/0.90rc1
version/clamav/0.91
version/clamav/0.91.1
version/clamav/0.91.2
version/clamav/0.91rc1
version/clamav/0.91rc2
version/clamav/0.92