Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
CVE-2008-3243 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3243): Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. CVE-2008-3244 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3244): The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.
Linux 6.0.2 changelog states: - Scan engine upgraded from 4.4.2 to 4.4.4 with improved detection rates and fewer false positives.
ping, please bump
*PING #2*
versions bumped. since there are no 6.0.2 versions for ppc and x86-fbsd, I guess I won't ask for them to be keyworded, hoping frisk will eventually update those as well.
This has been fixed with GLSA 200904-14. Since impact and versions are the same, no errata will be sent. glsa-200904-14.xml has been updated. Thanks.
