CVE-2008-3914

Name: CVE-2008-3914
Creator: NVD / NIST
Published: 2008-09-11T01:13:41.29+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.58%

Last modified Jun 16, 2026

CVE-2008-3914 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.. EPSS estimates a 3.58% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.

Metrics

EPSS Probability

3.58%

87.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Clamav	Clamav	<= 0.93.3

References

http://kolab.org/security/kolab-vendor-notice-22.txtThird Party Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/31906Third Party Advisory
http://secunia.com/advisories/31982Third Party Advisory
http://secunia.com/advisories/32030Third Party Advisory
http://secunia.com/advisories/32222Third Party Advisory
http://secunia.com/advisories/32424Third Party Advisory
http://secunia.com/advisories/32699Third Party Advisory
http://security.gentoo.org/glsa/glsa-200809-18.xmlThird Party Advisory
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661Patch, Third Party Advisory
http://support.apple.com/kb/HT3216Third Party Advisory
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLogVendor Advisory
http://www.debian.org/security/2008/dsa-1660Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:189Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/03/2Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/04/13Mailing List
http://www.securityfocus.com/bid/31051Patch, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/31681Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020828Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2008/2564Permissions Required
http://www.vupen.com/english/advisories/2008/2780Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/45058Third Party Advisory, VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.htmlThird Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.htmlThird Party Advisory
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141Issue Tracking
http://kolab.org/security/kolab-vendor-notice-22.txtThird Party Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/31906Third Party Advisory
http://secunia.com/advisories/31982Third Party Advisory
http://secunia.com/advisories/32030Third Party Advisory
http://secunia.com/advisories/32222Third Party Advisory
http://secunia.com/advisories/32424Third Party Advisory
http://secunia.com/advisories/32699Third Party Advisory
http://security.gentoo.org/glsa/glsa-200809-18.xmlThird Party Advisory
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661Patch, Third Party Advisory
http://support.apple.com/kb/HT3216Third Party Advisory
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLogVendor Advisory
http://www.debian.org/security/2008/dsa-1660Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:189Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/03/2Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2008/09/04/13Mailing List
http://www.securityfocus.com/bid/31051Patch, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/31681Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1020828Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2008/2564Permissions Required
http://www.vupen.com/english/advisories/2008/2780Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/45058Third Party Advisory, VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.htmlThird Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.htmlThird Party Advisory
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141Issue Tracking

Timeline

Published: Sep 11, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-3914?

How severe is CVE-2008-3914?

Severity scoring for CVE-2008-3914 is pending analysis. The EPSS model estimates a 3.58% probability of exploitation in the next 30 days.

How do I fix CVE-2008-3914?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-3914?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST