Search for vulnerabilities
Vulnerability details: VCID-p9w1-a3jq-aaan
Vulnerability ID VCID-p9w1-a3jq-aaan
Aliases CVE-2008-3215
Summary libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
epss 0.02781 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.02781 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.03636 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.0695 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08037 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08037 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
epss 0.08468 https://api.first.org/data/v1/epss?cve=CVE-2008-3215
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=455373
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2008-3215
Reference id Reference type URL
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
http://lurker.clamav.net/message/20080707.155612.ad411b00.en.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3215.json
https://api.first.org/data/v1/epss?cve=CVE-2008-3215
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3215
http://secunia.com/advisories/31091
http://secunia.com/advisories/31437
http://secunia.com/advisories/31882
http://security.gentoo.org/glsa/glsa-200808-07.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/44200
http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3920
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00606.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000#c4
http://www.mandriva.com/security/advisories?name=MDVSA-2008:166
http://www.openwall.com/lists/oss-security/2008/07/08/5
http://www.openwall.com/lists/oss-security/2008/07/15/1
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
http://www.vupen.com/english/advisories/2008/2584
455373 https://bugzilla.redhat.com/show_bug.cgi?id=455373
cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.88.7:p1:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.1:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.1:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.2:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.2:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.2:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.3:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.90.3:p1:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.91.2:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.91.2:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.92:p0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.92:p0:*:*:*:*:*:*
cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:0.93:*:*:*:*:*:*:*
CVE-2008-3215 https://nvd.nist.gov/vuln/detail/CVE-2008-3215
GLSA-200808-07 https://security.gentoo.org/glsa/200808-07
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3215
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.84793
EPSS Score 0.02781
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.