Lucene search

[email protected]NVD:CVE-2006-0162

HistoryJan 10, 2006 - 7:03 p.m.

CVE-2006-0162

2006-01-1019:03:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.374 Low

EPSS

Percentile

97.2%

JSON

Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

Affected configurations

NVD

Node

clam_anti-virusclamavMatch.

clam_anti-virusclamavMatch0.51

clam_anti-virusclamavMatch0.52

clam_anti-virusclamavMatch0.53

clam_anti-virusclamavMatch0.54

clam_anti-virusclamavMatch0.60

clam_anti-virusclamavMatch0.65

clam_anti-virusclamavMatch0.67

clam_anti-virusclamavMatch0.68

clam_anti-virusclamavMatch0.68.1

clam_anti-virusclamavMatch0.70

clam_anti-virusclamavMatch0.75.1

clam_anti-virusclamavMatch0.80

clam_anti-virusclamavMatch0.80_rc1

clam_anti-virusclamavMatch0.80_rc2

clam_anti-virusclamavMatch0.80_rc3

clam_anti-virusclamavMatch0.80_rc4

clam_anti-virusclamavMatch0.81

clam_anti-virusclamavMatch0.82

clam_anti-virusclamavMatch0.83

clam_anti-virusclamavMatch0.84

clam_anti-virusclamavMatch0.84_rc1

clam_anti-virusclamavMatch0.84_rc2

clam_anti-virusclamavMatch0.85

clam_anti-virusclamavMatch0.85.1

clam_anti-virusclamavMatch0.86

clam_anti-virusclamavMatch0.86.1

clam_anti-virusclamavMatch0.86.2

clam_anti-virusclamavMatch0.87

clam_anti-virusclamavMatch0.87.1

References

lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html

secunia.com/advisories/18379

secunia.com/advisories/18453

secunia.com/advisories/18463

secunia.com/advisories/18478

secunia.com/advisories/18548

securityreason.com/securityalert/342

securitytracker.com/id?1015457

www.clamav.net/doc/0.88/ChangeLog

www.debian.org/security/2006/dsa-947

www.gentoo.org/security/en/glsa/glsa-200601-07.xml

www.kb.cert.org/vuls/id/385908

www.mandriva.com/security/advisories?name=MDKSA-2006:016

www.osvdb.org/22318

www.securityfocus.com/bid/16191

www.trustix.org/errata/2006/0002/

www.vupen.com/english/advisories/2006/0116

www.zerodayinitiative.com/advisories/ZDI-06-001.html

exchange.xforce.ibmcloud.com/vulnerabilities/24047

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.374 Low

EPSS

Percentile

97.2%

JSON

Related for NVD:CVE-2006-0162

cve1 nessus4 securityvulns1 freebsd1 openvas10 debian4 debiancve1 cvelist1 prion1 cert1 gentoo1 ubuntucve1 zdi1