9.3
CVE-2008-5050
- EPSS 8.29%
- Veröffentlicht 13.11.2008 02:30:01
- Zuletzt bearbeitet 16.06.2026 22:59:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clam Anti-virus ≫ Clamav Version <= 0.94
Clam Anti-virus ≫ Clamav Version0.01
Clam Anti-virus ≫ Clamav Version0.02
Clam Anti-virus ≫ Clamav Version0.03
Clam Anti-virus ≫ Clamav Version0.04
Clam Anti-virus ≫ Clamav Version0.05
Clam Anti-virus ≫ Clamav Version0.06
Clam Anti-virus ≫ Clamav Version0.10
Clam Anti-virus ≫ Clamav Version0.11
Clam Anti-virus ≫ Clamav Version0.12
Clam Anti-virus ≫ Clamav Version0.13
Clam Anti-virus ≫ Clamav Version0.14
Clam Anti-virus ≫ Clamav Version0.14 Updatepre
Clam Anti-virus ≫ Clamav Version0.15
Clam Anti-virus ≫ Clamav Version0.20
Clam Anti-virus ≫ Clamav Version0.21
Clam Anti-virus ≫ Clamav Version0.22
Clam Anti-virus ≫ Clamav Version0.23
Clam Anti-virus ≫ Clamav Version0.24
Clam Anti-virus ≫ Clamav Version0.51
Clam Anti-virus ≫ Clamav Version0.52
Clam Anti-virus ≫ Clamav Version0.53
Clam Anti-virus ≫ Clamav Version0.54
Clam Anti-virus ≫ Clamav Version0.60
Clam Anti-virus ≫ Clamav Version0.60p
Clam Anti-virus ≫ Clamav Version0.65
Clam Anti-virus ≫ Clamav Version0.67
Clam Anti-virus ≫ Clamav Version0.68
Clam Anti-virus ≫ Clamav Version0.68.1
Clam Anti-virus ≫ Clamav Version0.70
Clam Anti-virus ≫ Clamav Version0.71
Clam Anti-virus ≫ Clamav Version0.72
Clam Anti-virus ≫ Clamav Version0.73
Clam Anti-virus ≫ Clamav Version0.74
Clam Anti-virus ≫ Clamav Version0.75
Clam Anti-virus ≫ Clamav Version0.75.1
Clam Anti-virus ≫ Clamav Version0.80
Clam Anti-virus ≫ Clamav Version0.80 Updaterc
Clam Anti-virus ≫ Clamav Version0.80 Updaterc2
Clam Anti-virus ≫ Clamav Version0.80 Updaterc3
Clam Anti-virus ≫ Clamav Version0.80 Updaterc4
Clam Anti-virus ≫ Clamav Version0.80_rc1
Clam Anti-virus ≫ Clamav Version0.80_rc2
Clam Anti-virus ≫ Clamav Version0.80_rc3
Clam Anti-virus ≫ Clamav Version0.80_rc4
Clam Anti-virus ≫ Clamav Version0.81
Clam Anti-virus ≫ Clamav Version0.81 Updaterc1
Clam Anti-virus ≫ Clamav Version0.81_rc1
Clam Anti-virus ≫ Clamav Version0.82
Clam Anti-virus ≫ Clamav Version0.83
Clam Anti-virus ≫ Clamav Version0.84
Clam Anti-virus ≫ Clamav Version0.84 Updaterc1
Clam Anti-virus ≫ Clamav Version0.84 Updaterc2
Clam Anti-virus ≫ Clamav Version0.84_rc1
Clam Anti-virus ≫ Clamav Version0.84_rc2
Clam Anti-virus ≫ Clamav Version0.85
Clam Anti-virus ≫ Clamav Version0.85.1
Clam Anti-virus ≫ Clamav Version0.86
Clam Anti-virus ≫ Clamav Version0.86 Updaterc1
Clam Anti-virus ≫ Clamav Version0.86.1
Clam Anti-virus ≫ Clamav Version0.86.2
Clam Anti-virus ≫ Clamav Version0.86_rc1
Clam Anti-virus ≫ Clamav Version0.87
Clam Anti-virus ≫ Clamav Version0.87.1
Clam Anti-virus ≫ Clamav Version0.88
Clam Anti-virus ≫ Clamav Version0.88.1
Clam Anti-virus ≫ Clamav Version0.88.2
Clam Anti-virus ≫ Clamav Version0.88.3
Clam Anti-virus ≫ Clamav Version0.88.4
Clam Anti-virus ≫ Clamav Version0.88.5
Clam Anti-virus ≫ Clamav Version0.88.6
Clam Anti-virus ≫ Clamav Version0.88.7
Clam Anti-virus ≫ Clamav Version0.88.7 Updatep0
Clam Anti-virus ≫ Clamav Version0.88.7 Updatep1
Clam Anti-virus ≫ Clamav Version0.90
Clam Anti-virus ≫ Clamav Version0.90.1
Clam Anti-virus ≫ Clamav Version0.90.1 Updatep0
Clam Anti-virus ≫ Clamav Version0.90.2
Clam Anti-virus ≫ Clamav Version0.90.2 Updatep0
Clam Anti-virus ≫ Clamav Version0.90.3
Clam Anti-virus ≫ Clamav Version0.90.3 Updatep0
Clam Anti-virus ≫ Clamav Version0.90.3 Updatep1
Clam Anti-virus ≫ Clamav Version0.90_rc1.1
Clam Anti-virus ≫ Clamav Version0.90_rc2
Clam Anti-virus ≫ Clamav Version0.90_rc3
Clam Anti-virus ≫ Clamav Version0.90rc1
Clam Anti-virus ≫ Clamav Version0.91
Clam Anti-virus ≫ Clamav Version0.91.1
Clam Anti-virus ≫ Clamav Version0.91.2
Clam Anti-virus ≫ Clamav Version0.91.2 Updatep0
Clam Anti-virus ≫ Clamav Version0.91rc1
Clam Anti-virus ≫ Clamav Version0.91rc2
Clam Anti-virus ≫ Clamav Version0.92
Clam Anti-virus ≫ Clamav Version0.92 Updatep0
Clam Anti-virus ≫ Clamav Version0.92.1
Clam Anti-virus ≫ Clamav Version0.93
Clam Anti-virus ≫ Clamav Version0.93.1
Clam Anti-virus ≫ Clamav Version0.93.2
Clam Anti-virus ≫ Clamav Version0.93.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.29% | 0.942 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://secunia.com/advisories/33937
http://support.apple.com/kb/HT3438
http://www.vupen.com/english/advisories/2009/0422
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
http://secunia.com/advisories/32872
http://secunia.com/advisories/32699
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html
http://secunia.com/advisories/32663
http://secunia.com/advisories/32765
http://secunia.com/advisories/33016
http://secunia.com/advisories/33317
http://security.gentoo.org/glsa/glsa-200812-21.xml
http://securityreason.com/securityalert/4579
http://sourceforge.net/project/shownotes.php?release_id=637952&group_id=86638
http://www.debian.org/security/2008/dsa-1680
http://www.mandriva.com/security/advisories?name=MDVSA-2008:229
http://www.securityfocus.com/archive/1/498169/100/0/threaded
http://www.securityfocus.com/bid/32207
http://www.securitytracker.com/id?1021159
http://www.ubuntu.com/usn/usn-672-1
http://www.vupen.com/english/advisories/2008/3085
https://exchange.xforce.ibmcloud.com/vulnerabilities/46462