PT-2008-5050 · Havp · Http Antivirus Proxy

Peter Warasin

Publicado

2008-08-14

Atualizado

2024-02-09

CVE-2008-3688

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HTTP Antivirus Proxy (HAVP) version 0.88

Description The issue allows remote attackers to cause a denial of service by connecting to a non-responsive server, triggering an infinite loop due to an uninitialized variable. This occurs in the sockethandler.cpp component.

Recommendations For HTTP Antivirus Proxy (HAVP) version 0.88, consider disabling the sockethandler.cpp component until a patch is available to prevent the denial of service. Restrict access to non-responsive servers to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-908

Identificadores relacionados

CVE-2008-3688

DTSA-159-1

Produtos afetados

Http Antivirus Proxy

PT-2008-5050 · Havp · Http Antivirus Proxy

CVE-2008-3688

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14