Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2450

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2450
Last Modified 05 Sep 2008 04:51:47
Published 03 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2450

Summary

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.85

  • Clam Anti-virus Clamav 0.85.1

  • Clam Anti-virus Clamav 0.86


References

XF - clam-antivirus-file-format-gain-access(21555)

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=344514

BID - 14359

GENTOO - GLSA-200507-25

CONECTIVA - CLSA-2005:987

OSVDB - 18259

OSVDB - 18258

OSVDB - 18257

SUSE - SUSE-SR:2005:018

SECUNIA - 16458

SECUNIA - 16296

SECUNIA - 16250

SECUNIA - 16229

SECUNIA - 16180

BUGTRAQ - 20050725 ClamAV Multiple Rem0te Buffer Overflows


Last Updated: 27 May 2016 10:40:31