Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1922

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1922
Last Modified 05 Sep 2008 04:50:26
Published 05 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1922

Summary

The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.81

  • Clam Anti-virus Clamav 0.82

  • Clam Anti-virus Clamav 0.83

  • Clam Anti-virus Clamav 0.84 Rc1

  • Clam Anti-virus Clamav 0.84 Rc2

  • Clam Anti-virus Clamav 0.85

  • Clam Anti-virus Clamav 0.85.1


References

IDEFENSE - 20050629 Clam AntiVirus ClamAV MS-Expand File Handling DoS Vulnerability

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=336462

DEBIAN - DSA-737


Last Updated: 27 May 2016 10:40:20