CVE-2008-3688

HIGH

HTTP Antivirus Proxy 0.88 - DoS

Title source: llm

Description

sockethandler.cpp in HTTP Antivirus Proxy (HAVP) 0.88 allows remote attackers to cause a denial of service (hang) by connecting to a non-responsive server, which triggers an infinite loop due to an uninitialized variable.

References (8)

[Broken Link] http://secunia.com/advisories/31494

[Broken Link] http://secunia.com/advisories/31971

[Third Party Advisory] http://www.gentoo.org/security/en/glsa/glsa-200809-11.xml

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/30697

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1020900

[Broken Link, Product] http://www.server-side.de/index.htm

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44467

[Broken Link, Patch] https://sourceforge.net/mailarchive/message.php?msg_name=487CDF51.5060201%40endian.com

Scores

CVSS v3 7.5

EPSS 0.0210

EPSS Percentile 83.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-908

Status draft

Affected Products (1)

havp/http_antivirus_proxy

Timeline

Published Aug 14, 2008

Tracked Since Feb 18, 2026