Lucene search

K
cve[email protected]CVE-2005-2450
HistoryAug 03, 2005 - 4:00 a.m.

CVE-2005-2450

2005-08-0304:00:00
web.nvd.nist.gov
28
cve-2005-2450
integer overflows
file format processors
clam antivirus
remote attackers
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.233

Percentile

96.6%

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.

Affected configurations

NVD
Node
clam_anti-virusclamavMatch0.85
OR
clam_anti-virusclamavMatch0.85.1
OR
clam_anti-virusclamavMatch0.86
VendorProductVersionCPE
clam_anti-virusclamav0.85cpe:/a:clam_anti-virus:clamav:0.85:::
clam_anti-virusclamav0.85.1cpe:/a:clam_anti-virus:clamav:0.85.1:::
clam_anti-virusclamav0.86cpe:/a:clam_anti-virus:clamav:0.86:::

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.233

Percentile

96.6%