Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6680

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6680
Last Modified 16 Sep 2009 01:27:09
Published 08 Apr 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6680

Summary

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

Vulnerable Systems

Application

  • Clamav 0.93.1

  • Clamav 0.94

  • Clamav 0.94.1

  • Clamav 0.94.2


References

CONFIRM - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335

XF - clamav-exe-dos(49845)

VUPEN - ADV-2009-0934

UBUNTU - USN-754-1

BID - 34357

MLIST - [oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive

MANDRIVA - MDVSA-2009:097

DEBIAN - DSA-1771

CONFIRM - http://support.apple.com/kb/HT3865

SECUNIA - 36701

SECUNIA - 34716

APPLE - APPLE-SA-2009-09-10-2


Last Updated: 27 May 2016 10:49:17