Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6336

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6336
Last Modified 30 Aug 2011 12:00:00
Published 19 Dec 2007 08:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6336

Summary

Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.91


References

BID - 26946

FEDORA - FEDORA-2008-0115

FEDORA - FEDORA-2008-0170

XF - clamantivirus-mszip-bo(39169)

VUPEN - ADV-2008-0924

MANDRIVA - MDVSA-2008:003

DEBIAN - DSA-1435

SECTRACK - 1019150

GENTOO - GLSA-200712-20

SECUNIA - 29420

SECUNIA - 28587

SECUNIA - 28421

SECUNIA - 28412

SECUNIA - 28278

SECUNIA - 28176

SECUNIA - 28153

SUSE - SUSE-SR:2008:001

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:28