Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0162

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0162
Last Modified 07 Mar 2011 09:29:28
Published 10 Jan 2006 02:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0162

Summary

Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav .

  • Clam Anti-virus Clamav 0.51

  • Clam Anti-virus Clamav 0.52

  • Clam Anti-virus Clamav 0.53

  • Clam Anti-virus Clamav 0.54

  • Clam Anti-virus Clamav 0.60

  • Clam Anti-virus Clamav 0.65

  • Clam Anti-virus Clamav 0.67

  • Clam Anti-virus Clamav 0.68

  • Clam Anti-virus Clamav 0.68.1

  • Clam Anti-virus Clamav 0.70

  • Clam Anti-virus Clamav 0.75.1

  • Clam Anti-virus Clamav 0.80

  • Clam Anti-virus Clamav 0.80 Rc1

  • Clam Anti-virus Clamav 0.80 Rc2

  • Clam Anti-virus Clamav 0.80 Rc3

  • Clam Anti-virus Clamav 0.80 Rc4

  • Clam Anti-virus Clamav 0.81

  • Clam Anti-virus Clamav 0.82

  • Clam Anti-virus Clamav 0.83

  • Clam Anti-virus Clamav 0.84

  • Clam Anti-virus Clamav 0.84 Rc1

  • Clam Anti-virus Clamav 0.84 Rc2

  • Clam Anti-virus Clamav 0.85

  • Clam Anti-virus Clamav 0.85.1

  • Clam Anti-virus Clamav 0.86

  • Clam Anti-virus Clamav 0.86.1

  • Clam Anti-virus Clamav 0.86.2

  • Clam Anti-virus Clamav 0.87

  • Clam Anti-virus Clamav 0.87.1


References

CERT-VN - VU#385908

BID - 16191

SECUNIA - 18379

VUPEN - ADV-2006-0116

CONFIRM - http://www.clamav.net/doc/0.88/ChangeLog

XF - clamav-libclamav-upx-bo(24047)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-06-001.html

TRUSTIX - 2006-0002

OSVDB - 22318

MANDRIVA - MDKSA-2006:016

GENTOO - GLSA-200601-07

DEBIAN - DSA-947

SECTRACK - 1015457

SREASON - 342

SECUNIA - 18548

SECUNIA - 18478

SECUNIA - 18463

SECUNIA - 18453

FULLDISC - 20060112 ZDI-06-001: Clam AntiVirus UPX Unpacking Code Execution Vulnerability


Last Updated: 27 May 2016 10:41:33