// For flags

CVE-2008-3914

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.

MĂșltiples vulnerabilidades sin especificar en ClamAV anterior a 0.94 tiene un impacto y vectores desconocidos relacionado con el filtrado del descriptor de archivos sobre el "error_path" en (1)libclamav/others.c y (2) libclamav/sis.c.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-09-04 CVE Reserved
  • 2008-09-09 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (24)
URL Tag Source
http://kolab.org/security/kolab-vendor-notice-22.txt Third Party Advisory
http://secunia.com/advisories/31906 Third Party Advisory
http://secunia.com/advisories/31982 Third Party Advisory
http://secunia.com/advisories/32030 Third Party Advisory
http://secunia.com/advisories/32222 Third Party Advisory
http://secunia.com/advisories/32424 Third Party Advisory
http://secunia.com/advisories/32699 Third Party Advisory
http://support.apple.com/kb/HT3216 Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/03/2 Mailing List
http://www.openwall.com/lists/oss-security/2008/09/04/13 Mailing List
http://www.securityfocus.com/bid/31681 Third Party Advisory
http://www.securitytracker.com/id?1020828 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/45058 Third Party Advisory
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141 Issue Tracking
URL Date SRC
URL Date SRC
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661 2020-11-05
http://www.securityfocus.com/bid/31051 2020-11-05
URL Date SRC
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html 2020-11-05
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html 2020-11-05
http://security.gentoo.org/glsa/glsa-200809-18.xml 2020-11-05
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog 2020-11-05
http://www.debian.org/security/2008/dsa-1660 2020-11-05
http://www.mandriva.com/security/advisories?name=MDVSA-2008:189 2020-11-05
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html 2020-11-05
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html 2020-11-05
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Clamav
Search vendor "Clamav"
 Clamav
Search vendor "Clamav" for product "Clamav"
 <= 0.93.3
Search vendor "Clamav" for product "Clamav" and version " <= 0.93.3"
-
Affected