CVE-2008-0309

Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667
http://www.symantec.com/avcenter/security/Content/2008.02.27.html
http://www.securityfocus.com/bid/27913
http://secunia.com/advisories/29140	Vendor Advisory
http://www.securitytracker.com/id?1019503
http://www.vupen.com/english/advisories/2008/0680

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:symantec_antivirus_scan_engine::::::::
	cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching::::::::
	cpe:2.3:a:symantec:scan_engine::::::::
	cpe:2.3:a:symantec:symantec_antivirus_scan_engine_clearswift::::::::
	cpe:2.3:a:symantec:symantec_antivirus_scan_engine_for_microsoft_sharepoint::::::::
	cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:::aix:::::*
	cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:::linux:::::*
	cpe:2.3:a:symantec:symantec_antivirus_scan_engine_for_ms_isa::::::::
	cpe:2.3:a:symantec:symantec_antivirus_scan_engine_messaging::::::::
	cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:::solaris:::::*
	cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage::::::::
	cpe:2.3:a:symantec:symantec_mail_security_for_microsoft_exchange::::::::
	cpe:2.3:a:symantec:symantec_mail_security_for_microsoft_exchange::::::::

Information

Published : 2008-02-28 12:44

Updated : 2011-03-07 19:04

NVD link : CVE-2008-0309

Mitre link : CVE-2008-0309

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

symantec

symantec_antivirus_scan_engine_clearswift
symantec_antivirus_scan_engine
symantec_antivirus_scan_engine_for_ms_isa
symantec_antivirus_scan_engine_messaging
symantec_mail_security_for_microsoft_exchange
symantec_antivirus_network_attached_storage
symantec_antivirus_scan_engine_for_microsoft_sharepoint
scan_engine
symantec_antivirus_filtering_domino_mpe
symantec_antivirus_scan_engine_caching

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667", "name": "20080226 Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html", "name": "http://www.symantec.com/avcenter/security/Content/2008.02.27.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/27913", "name": "27913", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/29140", "name": "29140", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1019503", "name": "1019503", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2008/0680", "name": "ADV-2008-0680", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-0309", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}}, "publishedDate": "2008-02-28T20:44Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_caching:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.1.4.24"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_clearswift:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_for_microsoft_sharepoint:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:aix:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.0.12"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.0.12"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_for_ms_isa:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_scan_engine_messaging:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_filtering_domino_mpe:*:*:solaris:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.0.12"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_antivirus_network_attached_storage:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.3.16.39"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.6.5.12"}, {"cpe23Uri": "cpe:2.3:a:symantec:symantec_mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.0.4.363"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T03:04Z"}

6.8 /10