NVD Vulnerability Detail

CVE-2008-5314

Summary	Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
Publication Date	Dec. 4, 2008, 2:30 a.m.
Registration Date	Jan. 29, 2021, 1:46 p.m.
Last Update	Sept. 29, 2017, 10:32 a.m.

CVSS2.0 : MEDIUM
Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:clam_anti-virus:clamav:0.70:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.71:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.72:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.73:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.74:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.75:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.75.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.80:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4::::::
cpe:2.3:a:clam_anti-virus:clamav:0.81:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.82:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.83:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.84:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2::::::
cpe:2.3:a:clam_anti-virus:clamav:0.85:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.85.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.86.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.87:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.87.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.4:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.5:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.6:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.92:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.92.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.94:::::::*
cpe:2.3:a:clam_anti-virus:clamav::::::::		0.94.1

Related information, measures and tools

No	URL	refsource	タグ
1	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	APPLE
2	http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html	SUSE
3	http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html	MLIST
4	http://osvdb.org/50363	OSVDB
5	http://secunia.com/advisories/32926	SECUNIA
6	http://secunia.com/advisories/32936	SECUNIA
7	http://secunia.com/advisories/33016	SECUNIA
8	http://secunia.com/advisories/33195	SECUNIA
9	http://secunia.com/advisories/33317	SECUNIA
10	http://secunia.com/advisories/33937	SECUNIA
11	http://security.gentoo.org/glsa/glsa-200812-21.xml	GENTOO
12	http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134	CONFIRM
13	http://support.apple.com/kb/HT3438	CONFIRM
14	http://www.debian.org/security/2008/dsa-1680	DEBIAN
15	http://www.mandriva.com/security/advisories?name=MDVSA-2008:239	MANDRIVA
16	http://www.openwall.com/lists/oss-security/2008/12/01/8	MLIST
17	http://www.securityfocus.com/bid/32555	BID
18	http://www.securitytracker.com/id?1021296	SECTRACK
19	http://www.ubuntu.com/usn/usn-684-1	UBUNTU
20	http://www.vupen.com/english/advisories/2008/3311	VUPEN
21	http://www.vupen.com/english/advisories/2009/0422	VUPEN
22	https://exchange.xforce.ibmcloud.com/vulnerabilities/46985	XF
23	https://www.exploit-db.com/exploits/7330	EXPLOIT-DB
24	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266	CONFIRM	Exploit

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-399	リソース管理の問題	https://cwe.mitre.org/data/definitions/399.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:clam_anti-virus:clamav:0.70:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.71:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.72:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.73:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.74:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.75:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.75.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.80:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3::::::
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4::::::
cpe:2.3:a:clam_anti-virus:clamav:0.81:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.82:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.83:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.84:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2::::::
cpe:2.3:a:clam_anti-virus:clamav:0.85:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.85.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1::::::
cpe:2.3:a:clam_anti-virus:clamav:0.86.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.86.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.87:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.87.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.4:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.5:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.6:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.91.2:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.92:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.92.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93.1:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.93.3:::::::*
cpe:2.3:a:clam_anti-virus:clamav:0.94:::::::*
cpe:2.3:a:clam_anti-virus:clamav::::::::		0.94.1