Executive Summary
Summary | |
---|---|
Title | Updated clamav packages fix multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | MDVSA-2008:003 | First vendor Publication | 2008-01-08 |
Vendor | Mandriva | Last vendor Modification | 2008-01-08 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
An integer overflow vulnerability was reported by iDefense with clamav when parsing Portable Executable (PE) files packed in he MEW format. This could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). As well, an unspecified vulnerability related to the bzip2 decompression algorithm was also discovered (CVE-2007-6337). Other bugs have also been corrected in 0.92 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2008:003 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18352 | |||
Oval ID: | oval:org.mitre.oval:def:18352 | ||
Title: | DSA-1435-1 clamav | ||
Description: | Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1435-1 CVE-2007-6335 CVE-2007-6336 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | clamav |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2008-01-07 | ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for clamav File : nvt/sles9p5012138.nasl |
2009-04-09 | Name : Mandriva Update for clamav MDVSA-2008:003 (clamav) File : nvt/gb_mandriva_MDVSA_2008_003.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-0115 File : nvt/gb_fedora_2008_0115_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-0170 File : nvt/gb_fedora_2008_0170_clamav_fc7.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-3358 File : nvt/gb_fedora_2008_3358_clamav_fc7.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-3420 File : nvt/gb_fedora_2008_3420_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-6422 File : nvt/gb_fedora_2008_6422_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-9651 File : nvt/gb_fedora_2008_9651_clamav_fc8.nasl |
2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1608 File : nvt/gb_fedora_2008_1608_clamav_fc7.nasl |
2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1625 File : nvt/gb_fedora_2008_1625_clamav_fc8.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-20 (clamav) File : nvt/glsa_200712_20.nasl |
2008-02-29 | Name : ClamAV < 0.93.1 vulnerability File : nvt/clamav-CB-A08-0001.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1435-1 (clamav) File : nvt/deb_1435_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42295 | ClamAV libclamav cli_scanpe() MEW Packed PE File Handling Overflow |
42294 | ClamAV MS-ZIP Compressed CAB File Unspecified Arbitrary Code Execution |
42293 | ClamAV nsis/bzlib_private.h bzip2 Decompression Unspecified Issue |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | ClamAV MEW PE file integer overflow attempt RuleID : 13362 - Revision : 8 - Type : EXPLOIT |
2014-01-10 | ClamAV MEW PE file integer overflow attempt RuleID : 13361 - Revision : 13 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-003.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0115.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0170.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-20.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1435.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote openSUSE host is missing a security update. File : suse_clamav-4832.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_clamav-4836.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:39:06 |
|