CVE-2008-2713Anti-virus Clamav vulnerability

CWE-3999 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
3.6%
top 12.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ClamavClam Anti-virus Clamav
Timeline
PublishedJun 16
Latest updateMay 1

Description

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianclamav/clamav< 0.93.1.dfsg-1.1+3
NVDclam_anti-virus/clamav57 versions+56

🔴Vulnerability Details

3
GHSA
GHSA-6fgm-5wrg-4p5q: libclamav/petite2022-05-01
OSV
CVE-2008-2713: libclamav/petite2008-06-16
CVEList
CVE-2008-2713: libclamav/petite2008-06-16

📋Vendor Advisories

3
Red Hat
clamav: DoS / crash via crafted petite file (incomplete fix of CVE-2008-2713)2008-07-03
Red Hat
clamav: DoS / crash via crafted petite file2008-06-15
Debian
CVE-2008-2713: clamav - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a de...2008

💬Community

2
Bugzilla
CVE-2008-3215 clamav: DoS / crash via crafted petite file (incomplete fix of CVE-2008-2713)2008-07-15
Bugzilla
CVE-2008-2713 clamav: DoS / crash via crafted petite file2008-06-17
CVE-2008-2713 — Clam Anti-virus Clamav vulnerability | cvebase