Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2005-2450 | First vendor Publication | 2005-08-03 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2450 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200507-25 (clamav) File : nvt/glsa_200507_25.nasl |
| 2008-09-04 | Name : FreeBSD Ports: clamav File : nvt/freebsd_clamav3.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 776-1 (clamav) File : nvt/deb_776_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 18259 | Clam AntiVirus FSG File Processing Overflow A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/fsg.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise. |
| 18258 | Clam AntiVirus CHM File Processing Filename Overflow A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/chmunpack.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise. |
| 18257 | Clam AntiVirus TNEF File Processing Multiple Overflows A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/tnef.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | ClamAV CHM File Handling Integer Overflow attempt RuleID : 17352 - Revision : 13 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-125.nasl - Type : ACT_GATHER_INFO |
| 2005-08-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-776.nasl - Type : ACT_GATHER_INFO |
| 2005-07-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200507-25.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:22:00 |
|
| 2024-11-28 12:07:17 |
|
| 2021-05-04 12:03:05 |
|
| 2021-04-22 01:03:22 |
|
| 2020-05-23 00:16:44 |
|
| 2017-07-11 12:01:58 |
|
| 2016-10-18 12:01:44 |
|
| 2016-06-28 15:20:27 |
|
| 2016-04-26 13:42:28 |
|
| 2014-02-17 10:32:17 |
|
| 2014-01-19 21:22:50 |
|
| 2013-05-11 11:29:30 |
|
