cbcvebase.
CVE-2008-1836
published 2008-04-16

CVE-2008-1836: The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that…

PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
3.55%
87.8th percentile
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

Affected

9 ranges
VendorProductVersion rangeFixed in
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
clam_anti-virusclamav
debianclamav

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.