Search for vulnerabilities
Vulnerability details: VCID-gdbj-wacb-aaak
Vulnerability ID VCID-gdbj-wacb-aaak
Aliases CVE-2008-5314
Summary Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.14474 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26689 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
epss 0.26801 https://api.first.org/data/v1/epss?cve=CVE-2008-5314
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=474317
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-5314
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html
http://osvdb.org/50363
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5314.json
https://api.first.org/data/v1/epss?cve=CVE-2008-5314
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5314
http://secunia.com/advisories/32926
http://secunia.com/advisories/32936
http://secunia.com/advisories/33016
http://secunia.com/advisories/33195
http://secunia.com/advisories/33317
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200812-21.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/46985
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134
http://support.apple.com/kb/HT3438
https://www.exploit-db.com/exploits/7330
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266
http://www.debian.org/security/2008/dsa-1680
http://www.mandriva.com/security/advisories?name=MDVSA-2008:239
http://www.openwall.com/lists/oss-security/2008/12/01/8
http://www.securityfocus.com/bid/32555
http://www.securitytracker.com/id?1021296
http://www.ubuntu.com/usn/usn-684-1
http://www.vupen.com/english/advisories/2008/3311
http://www.vupen.com/english/advisories/2009/0422
474317 https://bugzilla.redhat.com/show_bug.cgi?id=474317
507624 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507624
cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.80:rc:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.80:rc2:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.80:rc3:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.80:rc4:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.81:rc1:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.84:rc1:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.84:rc2:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.86:rc1:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.91:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.91:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.91.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.91.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.91.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.91.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.93.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.93.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.93.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.93.3:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.94:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.94:*:*:*:*:*:*:*
CVE-2008-5314 https://nvd.nist.gov/vuln/detail/CVE-2008-5314
CVE-2008-5314;OSVDB-50363 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/7330.c
GLSA-200812-21 https://security.gentoo.org/glsa/200812-21
USN-684-1 https://usn.ubuntu.com/684-1/
Data source Exploit-DB
Date added Dec. 2, 2008
Description ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)
Ransomware campaign use Known
Source publication date Dec. 3, 2008
Exploit type dos
Platform multiple
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-5314
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95875
EPSS Score 0.14474
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.