CVE-2008-3244

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-3244
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/31118 Vendor Advisory
http://www.f-prot.com/download/ReleaseNotesWindows.txt
http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php
http://www.securityfocus.com/bid/30253
http://www.securitytracker.com/id?1020507
http://www.vupen.com/english/advisories/2008/2124/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43835
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f-prot:f-prot_antivirus:3.11b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.13:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.13a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14e:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16e:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16f:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:4.6.6:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:scanning_engine:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2008-07-21 16:41

Updated : 2023-12-10 10:51

NVD link : CVE-2008-3244

Mitre link : CVE-2008-3244

CVE.ORG link : CVE-2008-3244

JSON object : View

Products Affected

f-prot

  • scanning_engine
  • f-prot_antivirus
CWE
CWE-20

Improper Input Validation