Lucene search

[email protected]CVE-2008-1389

HistorySep 04, 2008 - 4:41 p.m.

CVE-2008-1389

2008-09-0416:41:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2008-1389

clamav

chmunpack.c

chm-parser

denial of service

application crash

chm file

invalid memory access

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.112 Low

EPSS

Percentile

95.2%

JSON

libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an “invalid memory access.”

Affected configurations

NVD

Node

clam_anti-virusclamavRange≤0.93.3

clam_anti-virusclamavMatch0.11

clam_anti-virusclamavMatch0.12

clam_anti-virusclamavMatch0.13

clam_anti-virusclamavMatch0.14

clam_anti-virusclamavMatch0.14pre

clam_anti-virusclamavMatch0.15

clam_anti-virusclamavMatch0.20

clam_anti-virusclamavMatch0.21

clam_anti-virusclamavMatch0.22

clam_anti-virusclamavMatch0.23

clam_anti-virusclamavMatch0.24

clam_anti-virusclamavMatch0.51

clam_anti-virusclamavMatch0.52

clam_anti-virusclamavMatch0.53

clam_anti-virusclamavMatch0.54

clam_anti-virusclamavMatch0.60

clam_anti-virusclamavMatch0.60p

clam_anti-virusclamavMatch0.65

clam_anti-virusclamavMatch0.67

clam_anti-virusclamavMatch0.68

clam_anti-virusclamavMatch0.68.1

clam_anti-virusclamavMatch0.70

clam_anti-virusclamavMatch0.71

clam_anti-virusclamavMatch0.72

clam_anti-virusclamavMatch0.73

clam_anti-virusclamavMatch0.74

clam_anti-virusclamavMatch0.75

clam_anti-virusclamavMatch0.75.1

clam_anti-virusclamavMatch0.80

clam_anti-virusclamavMatch0.80rc

clam_anti-virusclamavMatch0.80rc2

clam_anti-virusclamavMatch0.80rc3

clam_anti-virusclamavMatch0.80rc4

clam_anti-virusclamavMatch0.81

clam_anti-virusclamavMatch0.81rc1

clam_anti-virusclamavMatch0.82

clam_anti-virusclamavMatch0.83

clam_anti-virusclamavMatch0.84

clam_anti-virusclamavMatch0.84rc1

clam_anti-virusclamavMatch0.84rc2

clam_anti-virusclamavMatch0.85

clam_anti-virusclamavMatch0.85.1

clam_anti-virusclamavMatch0.86

clam_anti-virusclamavMatch0.86rc1

clam_anti-virusclamavMatch0.86.1

clam_anti-virusclamavMatch0.86.2

clam_anti-virusclamavMatch0.87

clam_anti-virusclamavMatch0.87.1

clam_anti-virusclamavMatch0.88

clam_anti-virusclamavMatch0.88.1

clam_anti-virusclamavMatch0.88.2

clam_anti-virusclamavMatch0.88.3

clam_anti-virusclamavMatch0.88.4

clam_anti-virusclamavMatch0.88.5

clam_anti-virusclamavMatch0.88.6

clam_anti-virusclamavMatch0.88.7

clam_anti-virusclamavMatch0.90

clam_anti-virusclamavMatch0.90.1

clam_anti-virusclamavMatch0.90.2

clam_anti-virusclamavMatch0.90.3

clam_anti-virusclamavMatch0.91

clam_anti-virusclamavMatch0.91.1

clam_anti-virusclamavMatch0.91.2

clam_anti-virusclamavMatch0.92

clam_anti-virusclamavMatch0.92.1

clam_anti-virusclamavMatch0.93

clam_anti-virusclamavMatch0.93.1

CPENameOperatorVersion
clam_anti-virus:clamavclam anti-virus clamavle0.93.3
clam_anti-virus:clamavclam anti-virus clamaveq0.11
clam_anti-virus:clamavclam anti-virus clamaveq0.12
clam_anti-virus:clamavclam anti-virus clamaveq0.13
clam_anti-virus:clamavclam anti-virus clamaveq0.14
clam_anti-virus:clamavclam anti-virus clamaveq0.15
clam_anti-virus:clamavclam anti-virus clamaveq0.20
clam_anti-virus:clamavclam anti-virus clamaveq0.21
clam_anti-virus:clamavclam anti-virus clamaveq0.22
clam_anti-virus:clamavclam anti-virus clamaveq0.23

CPE	Name	Operator	Version
clam_anti-virus:clamav	clam anti-virus clamav	le	0.93.3
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.11
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.12
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.13
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.14
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.15
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.20
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.21
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.22
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.23