Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-1372
HistoryApr 23, 2009 - 12:00 a.m.

CVE-2009-1372

2009-04-2300:00:00
ubuntu.com
ubuntu.com
8

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.163 Low

EPSS

Percentile

96.0%

JSON

Stack-based buffer overflow in the cli_url_canon function in
libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to
cause a denial of service (application crash) and possibly execute
arbitrary code via a crafted URL.

Notes

Author Note
jdstrand only 0.95 is affected (affected code not present-- part of url_hash_match() was moved out to the new cli_url_canon() in 0.95, and cli_url_canon() introduced the bug)

Related

cve 1
cvelist 1
debiancve 1
prion 1
nvd 1
nessus 9
openvas 14
redhatcve 2
seebug 1
gentoo 1
altlinux 3
cve
cve
CVE-2009-1372
2009-04-23 15:30:00
cvelist
cvelist
CVE-2009-1372
2009-04-23 15:00:00
debiancve
debiancve
CVE-2009-1372
2009-04-23 15:30:00
prion
prion
Stack overflow
2009-04-23 15:30:00
nvd
nvd
CVE-2009-1372
2009-04-23 15:30:00
nessus
nessus
openSUSE Security Update : clamav (clamav-809)
2009-07-21 00:00:00
openSUSE Security Update : clamav (clamav-809)
2009-07-21 00:00:00
ClamAV < 0.95.1 Multiple Vulnerabilities
2009-04-10 00:00:00
openvas
openvas
ClamAV Denial of Service Vulnerability (Linux)
2009-04-30 00:00:00
ClamAV < 0.95.1 Multiple DoS Vulnerabilities - Windows
2009-04-30 00:00:00
SLES9: Security update for ClamAV
2009-10-10 00:00:00
redhatcve
redhatcve
CVE-2009-1371
2019-10-04 21:32:35
CVE-2009-1372
2022-06-08 18:09:47
seebug
seebug
ClamAV UPackζ‹’η»ζœεŠ‘ε’Œcli_url_canon()ζ ˆζΊ’ε‡ΊζΌζ΄ž
2009-04-25 00:00:00
gentoo
gentoo
Clam AntiVirus: Multiple vulnerabilities
2009-09-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package clamav version 0.95.2-alt1
2009-06-22 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.95.2-alt1
2009-06-22 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.95.2-alt1
2009-06-22 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.163 Low

EPSS

Percentile

96.0%

JSON
Related for UB:CVE-2009-1372
cve1cvelist1debiancve1prion1nvd1nessus9openvas14redhatcve2seebug1gentoo1altlinux3