CVE-2007-6335
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.246 Low
EPSS
Percentile
96.6%
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| clam_anti-virus:clamav | clam anti-virus clamav | le | 0.92 |
References
docs.info.apple.com/article.html?artnum=307562
labs.idefense.com/intelligence/vulnerabilities/display.php?id=634
lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
secunia.com/advisories/28117
secunia.com/advisories/28153
secunia.com/advisories/28176
secunia.com/advisories/28278
secunia.com/advisories/28412
secunia.com/advisories/28421
secunia.com/advisories/28587
secunia.com/advisories/29420
security.gentoo.org/glsa/glsa-200712-20.xml
www.debian.org/security/2007/dsa-1435
www.mandriva.com/security/advisories?name=MDVSA-2008:003
www.securityfocus.com/bid/26927
www.securitytracker.com/id?1019112
www.vupen.com/english/advisories/2007/4253
www.vupen.com/english/advisories/2008/0924/references
exchange.xforce.ibmcloud.com/vulnerabilities/39119
www.exploit-db.com/exploits/4862
www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html
www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html
Social References
More
Related
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.246 Low
EPSS
Percentile
96.6%