CVE-2008-2713
clamav - denial of service
EPSS 3.6%
Description
libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.
How to fix CVE-2008-2713
To remediate CVE-2008-2713, upgrade the affected package to a fixed version below.
- Debian/clamav—upgrade to 0.93.1.dfsg-1.1 or later
- Debian/clamav—upgrade to 0.90.1dfsg-3.1etch14 or later
- Debian/clamav—upgrade to 0.93~dfsg-1+lenny1 or later
Is CVE-2008-2713 being exploited?
Low — EPSS is 3.6%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 0.93.1.dfsg-1.1
- from 0, < 0.90.1dfsg-3.1etch14
- from 0, < 0.93~dfsg-1+lenny1