clamav

2006-12-0900:00:00

Google

osv.dev

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Stephen Gran discovered that malformed base64-encoded MIME attachments
can lead to denial of service through a null pointer dereference.

For the stable distribution (sarge) this problem has been fixed in
version 0.84-2.sarge.12.

For the upcoming stable distribution (etch) this problem has been
fixed in version 0.86-1.

For the unstable distribution (sid) this problem has been fixed in
version 0.86-1.

We recommend that you upgrade your clamav package.

CPENameOperatorVersion
clamaveq0.84-2.sarge.7
clamaveq0.84-2.sarge.10
clamaveq0.84-2.sarge.11
clamaveq0.84-2.sarge.6
clamaveq0.84-2
clamaveq0.84-2.sarge.2
clamaveq0.84-2.sarge.4
clamaveq0.84-2.sarge.5
clamaveq0.84-2.sarge.3
clamaveq0.84-2.sarge.9

Name	Operator	Version
clamav	eq	0.84-2.sarge.7
clamav	eq	0.84-2.sarge.10
clamav	eq	0.84-2.sarge.11
clamav	eq	0.84-2.sarge.6
clamav	eq	0.84-2
clamav	eq	0.84-2.sarge.2
clamav	eq	0.84-2.sarge.4
clamav	eq	0.84-2.sarge.5
clamav	eq	0.84-2.sarge.3
clamav	eq	0.84-2.sarge.9