Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1615

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-1615
Last Modified 09 Sep 2011 12:00:00
Published 06 Apr 2006 06:04:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1615

Summary

Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.

Vulnerable Systems

Application

  • Clamav 0.01

  • Clamav 0.02

  • Clamav 0.03

  • Clamav 0.05

  • Clamav 0.10

  • Clamav 0.12

  • Clamav 0.13

  • Clamav 0.14

  • Clamav 0.15

  • Clamav 0.20

  • Clamav 0.21

  • Clamav 0.22

  • Clamav 0.23

  • Clamav 0.24

  • Clamav 0.3

  • Clamav 0.51

  • Clamav 0.52

  • Clamav 0.53

  • Clamav 0.54

  • Clamav 0.60

  • Clamav 0.60p

  • Clamav 0.65

  • Clamav 0.66

  • Clamav 0.67

  • Clamav 0.67-1

  • Clamav 0.68

  • Clamav 0.68.1

  • Clamav 0.70

  • Clamav 0.71

  • Clamav 0.72

  • Clamav 0.73

  • Clamav 0.74

  • Clamav 0.75

  • Clamav 0.75.1

  • Clamav 0.8

  • Clamav 0.80

  • Clamav 0.81

  • Clamav 0.82

  • Clamav 0.83

  • Clamav 0.84

  • Clamav 0.85

  • Clamav 0.85.1

  • Clamav 0.86

  • Clamav 0.86.1

  • Clamav 0.86.2

  • Clamav 0.87

  • Clamav 0.87.1

  • Clamav 0.88


References

CERT - TA06-132A

BID - 17388

GENTOO - GLSA-200604-06

DEBIAN - DSA-1024

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638

SECUNIA - 19608

SECUNIA - 19570

SECUNIA - 19564

SECUNIA - 19536

SECUNIA - 19534

SUSE - SUSE-SA:2006:020

XF - clamav-output-format-string(25661)

VUPEN - ADV-2006-1779

VUPEN - ADV-2006-1258

TRUSTIX - 2006-0020

BID - 17951

OSVDB - 24458

MANDRIVA - MDKSA-2006:067

CONFIRM - http://up2date.astaro.com/2006/05/low_up2date_6202.html

SECUNIA - 23719

SECUNIA - 20077

SECUNIA - 19567

APPLE - APPLE-SA-2006-05-11

Related Patches

Apple 2006-05-11 Security Update 2006-003 (10.4.6 Server)


Last Updated: 27 May 2016 10:42:09