Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6335

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-6335
Last Modified 07 Mar 2011 10:02:29
Published 19 Dec 2007 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6335

Summary

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.92


References

VUPEN - ADV-2008-0924

VUPEN - ADV-2007-4253

DEBIAN - DSA-1435

SECUNIA - 28117

IDEFENSE - 20071218 ClamAV libclamav MEW PE File Integer Overflow Vulnerability

FEDORA - FEDORA-2008-0115

FEDORA - FEDORA-2008-0170

XF - clamantivirus-libclamav-mewpe-bo(39119)

SECTRACK - 1019112

BID - 26927

MILW0RM - 4862

MANDRIVA - MDVSA-2008:003

GENTOO - GLSA-200712-20

SECUNIA - 29420

SECUNIA - 28587

SECUNIA - 28421

SECUNIA - 28412

SECUNIA - 28278

SECUNIA - 28176

SECUNIA - 28153

SUSE - SUSE-SR:2008:001

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:28