Vulnerability Description
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Prot | F-Prot Antivirus | 3.11b |
| F-Prot | Scanning Engine | <= 4.3.2 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31118Vendor Advisory
- http://www.f-prot.com/download/ReleaseNotesWindows.txt
- http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php
- http://www.securityfocus.com/bid/30253
- http://www.securitytracker.com/id?1020507
- http://www.vupen.com/english/advisories/2008/2124/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43835
- http://secunia.com/advisories/31118Vendor Advisory
- http://www.f-prot.com/download/ReleaseNotesWindows.txt
- http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php
- http://www.securityfocus.com/bid/30253
- http://www.securitytracker.com/id?1020507
- http://www.vupen.com/english/advisories/2008/2124/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43835
FAQ
What is CVE-2008-3244?
CVE-2008-3244 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of...
How severe is CVE-2008-3244?
CVE-2008-3244 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3244?
Check the references section above for vendor advisories and patch information. Affected products include: F-Prot F-Prot Antivirus, F-Prot Scanning Engine.