Lucene search
UbuntuUSN-672-1HistoryNov 17, 2008 - 12:00 a.m.
ClamAV vulnerability
2008-11-1700:00:00
ubuntu.com
58
6.3 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.0%
Releases
- Ubuntu 8.10
Packages
- clamav -
Details
Moritz Jodeit discovered that ClamAV did not correctly handle certain
strings when examining a VBA project. If a remote attacker tricked ClamAV
into processing a malicious VBA file, ClamAV would crash, leading to a
denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | libclamav5 | < 0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | clamav | < 0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | clamav | < daemon-0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | clamav | < dbg-0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | clamav | < freshclam-0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | clamav | < milter-0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libclamav-dev | < 0.94.dfsg.1-1ubuntu0.1 | UNKNOWN |
References
Related
prion
prion
Heap overflow
2008-11-13 02:30:00
nessus
nessus
SuSE9 Security Update : clamav (YOU Patch Number 12293)
2012-04-23 00:00:00
Ubuntu 8.10 : clamav vulnerability (USN-672-1)
2009-04-23 00:00:00
SuSE9 Security Update : ClamAV (YOU Patch Number 12292)
2009-09-24 00:00:00
cve
cve
CVE-2008-5050
2008-11-13 02:30:00
openvas
openvas
SLES9: Security update for ClamAV
2009-10-10 00:00:00
ClamAV < 0.94.1 get_unicode_name() Off-By-One Heap based BOF Vulnerability
2008-11-26 00:00:00
Ubuntu: Security Advisory (USN-672-1)
2009-03-23 00:00:00
debiancve
debiancve
CVE-2008-5050
2008-11-13 02:30:00
ubuntucve
ubuntucve
CVE-2008-5050
2008-11-13 00:00:00
freebsd
freebsd
clamav -- off-by-one heap overflow in VBA project parser
2008-11-08 00:00:00
redhatcve
redhatcve
CVE-2008-5050
2019-10-04 20:42:46
debian
debian
[Backports-security-announce] Security Update for clamav
2008-12-15 13:31:51
[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
2008-12-04 08:26:17
[Backports-security-announce] Security Update for clamav
2008-12-15 12:36:28
osv
osv
clamav - potential code execution
2008-12-04 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2008-12-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: clamav-0.93.3-2.fc9
2008-11-14 12:44:50
[SECURITY] Fedora 8 Update: clamav-0.92.1-4.fc8
2008-11-14 12:46:28
6.3 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.054 Low
EPSS
Percentile
93.0%
Related for USN-672-1