Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1833

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1833
Last Modified 07 Mar 2011 10:07:42
Published 16 Apr 2008 11:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1833

Summary

Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.92.1


References

CERT - TA08-260A

VUPEN - ADV-2008-2584

VUPEN - ADV-2008-1227

SECTRACK - 1019850

CONFIRM - http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html

CONFIRM - http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog

GENTOO - GLSA-200805-19

SECUNIA - 31882

SECUNIA - 31576

APPLE - APPLE-SA-2008-09-15

IDEFENSE - 20080414 ClamAV libclamav PE WWPack Heap Overflow Vulnerability

CONFIRM - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=877

FEDORA - FEDORA-2008-3420

FEDORA - FEDORA-2008-3358

XF - clamav-wwpack-pe-bo(41833)

BID - 28798

BID - 28784

MANDRIVA - MDVSA-2008:088

DEBIAN - DSA-1549

SECUNIA - 30328

SECUNIA - 29975

SECUNIA - 29891

SECUNIA - 29863

SUSE - SUSE-SA:2008:024

CONFIRM - http://kolab.org/security/kolab-vendor-notice-20.txt

Related Patches

Apple 2008-09-15 Security Update 2008-006 (PPC)

Apple 2008-09-15 Security Update 2008-006 Server (PPC)

Apple 2008-09-15 Mac OS X 10.5.5 Update

Apple 2008-09-15 Mac OS X Server 10.5.5 Combo Update

Apple 2008-09-15 Mac OS X Server 10.5.5 Update

Apple 2008-09-15 Security Update 2008-006 (Intel)

Apple 2008-09-15 Mac OS X 10.5.5 Combo Update

Apple 2008-09-15 Security Update 2008-006 Server (Intel)


Last Updated: 27 May 2016 10:47:40