Search for vulnerabilities
Vulnerability details: VCID-26x2-1bvh-aaag
Vulnerability ID VCID-26x2-1bvh-aaag
Aliases CVE-2008-6680
Summary libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.02741 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.03573 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07137 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07715 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07857 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07857 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07857 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
epss 0.07857 https://api.first.org/data/v1/epss?cve=CVE-2008-6680
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=495036
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2008-6680
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-6680.json
https://api.first.org/data/v1/epss?cve=CVE-2008-6680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6680
http://secunia.com/advisories/34716
http://secunia.com/advisories/36701
https://exchange.xforce.ibmcloud.com/vulnerabilities/49845
http://support.apple.com/kb/HT3865
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335
http://www.debian.org/security/2009/dsa-1771
http://www.mandriva.com/security/advisories?name=MDVSA-2009:097
http://www.openwall.com/lists/oss-security/2009/04/07/6
http://www.securityfocus.com/bid/34357
http://www.ubuntu.com/usn/usn-754-1
http://www.vupen.com/english/advisories/2009/0934
495036 https://bugzilla.redhat.com/show_bug.cgi?id=495036
523016 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=523016
cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*
CVE-2008-6680 https://nvd.nist.gov/vuln/detail/CVE-2008-6680
GLSA-200909-04 https://security.gentoo.org/glsa/200909-04
USN-754-1 https://usn.ubuntu.com/754-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-6680
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.84696
EPSS Score 0.02741
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.