CVE-2008-0309 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Scan Engine

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

5.2%

top 10.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Scan Engine Symantec Antivirus Filtering Domino MPE Symantec Antivirus Network Attached Storage +7 more

Timeline

PublishedFeb 28

Latest updateMay 1

Description

Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages8 packages

▶NVDsymantec/symantec_antivirus_scan_engine4.3.16.39

▶NVDsymantec/symantec_antivirus_scan_engine_caching4.3.16.39

▶NVDsymantec/symantec_antivirus_scan_engine_messaging4.3.16.39

▶NVDsymantec/symantec_antivirus_scan_engine_clearswift4.3.16.39

▶NVDsymantec/scan_engine5.1.4.24

🔴Vulnerability Details

GHSA

GHSA-3rhq-2g85-5xqr: Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5↗2022-05-01

▶

CVEList

CVE-2008-0309: Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5↗2008-02-28

▶