CVE-2008-5314

ClamAV <0.94.2 - DoS

Title source: llm

Description

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ilja van sprundel · cdosmultiple

https://www.exploit-db.com/exploits/7330

View Code ZIP pw:eip

References (24)

[Mailing List] http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

[Various Sources] http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html

[Third Party Advisory, VDB Entry] http://osvdb.org/50363

[Product] http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134

[Vendor Advisory] http://support.apple.com/kb/HT3438

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2008:239

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021296

[Vendor Advisory] http://www.ubuntu.com/usn/usn-684-1

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46985

[Exploit] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32555

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7330

[Third Party Advisory] http://www.debian.org/security/2008/dsa-1680

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200812-21.xml

[Mailing List] http://www.openwall.com/lists/oss-security/2008/12/01/8

[Third Party Advisory] http://secunia.com/advisories/32926

[Third Party Advisory] http://secunia.com/advisories/32936

[Third Party Advisory] http://secunia.com/advisories/33016

[Third Party Advisory] http://secunia.com/advisories/33195

... and 4 more

Scores

EPSS 0.2465

EPSS Percentile 96.2%

Details

CWE

CWE-399

Status published

Products (41)

clam_anti-virus/clamav 0.70

clam_anti-virus/clamav 0.71

clam_anti-virus/clamav 0.72

clam_anti-virus/clamav 0.73

clam_anti-virus/clamav 0.74

clam_anti-virus/clamav 0.75

clam_anti-virus/clamav 0.75.1

clam_anti-virus/clamav 0.80 (5 CPE variants)

clam_anti-virus/clamav 0.81 (2 CPE variants)

clam_anti-virus/clamav 0.82

... and 31 more

Published Dec 03, 2008

Tracked Since Feb 18, 2026