CVE-2008-0308
Symantec Scan Engine < 5.1.6.31 - Denial of Service via Malformed RAR File
Title source: llmDescription
Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
References (6)
Core 6
Core References
Third Party Advisory x_refsource_confirm
http://www.symantec.com/avcenter/security/Content/2008.02.27.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0680
Third Party Advisory third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27911
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29140
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019503
Scores
EPSS
0.0173
EPSS Percentile
82.7%
Details
CWE
CWE-399
Status
published
Products (10)
symantec/scan_engine
< 5.1.4.24
symantec/symantec_antivirus_clearswift
< 4.3.16.39
symantec/symantec_antivirus_filtering_domino_mpe
< 3.0.12 (3 CPE variants)
symantec/symantec_antivirus_messaging
< 4.3.16.39
symantec/symantec_antivirus_microsoft_sharepoint
< 4.3.16.39
symantec/symantec_antivirus_ms_isa
< 4.3.16.39
symantec/symantec_antivirus_network_attached_storage
< 4.3.16.39
symantec/symantec_antivirus_scan_engine
< 4.3.16.39
symantec/symantec_antivirus_scan_engine_caching
< 4.3.16.39
symantec/symantec_mail_security_exchange
< 4.6.5.12
Published
Feb 28, 2008
Tracked Since
Feb 18, 2026