Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1003

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-1003
Last Modified 11 Feb 2014 11:27:34
Published 23 Feb 2011 02:00:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1003

Summary

Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Clamav 0.01

  • Clamav 0.02

  • Clamav 0.03

  • Clamav 0.05

  • Clamav 0.10

  • Clamav 0.12

  • Clamav 0.13

  • Clamav 0.14

  • Clamav 0.15

  • Clamav 0.20

  • Clamav 0.21

  • Clamav 0.22

  • Clamav 0.23

  • Clamav 0.24

  • Clamav 0.3

  • Clamav 0.51

  • Clamav 0.52

  • Clamav 0.53

  • Clamav 0.54

  • Clamav 0.60

  • Clamav 0.60p

  • Clamav 0.65

  • Clamav 0.66

  • Clamav 0.67

  • Clamav 0.67-1

  • Clamav 0.68

  • Clamav 0.68.1

  • Clamav 0.70

  • Clamav 0.71

  • Clamav 0.72

  • Clamav 0.73

  • Clamav 0.74

  • Clamav 0.75

  • Clamav 0.75.1

  • Clamav 0.8

  • Clamav 0.80

  • Clamav 0.80 Rc

  • Clamav 0.81

  • Clamav 0.82

  • Clamav 0.83

  • Clamav 0.84

  • Clamav 0.85

  • Clamav 0.85.1

  • Clamav 0.86

  • Clamav 0.86.1

  • Clamav 0.86.2

  • Clamav 0.87

  • Clamav 0.87.1

  • Clamav 0.88

  • Clamav 0.88.1

  • Clamav 0.88.2

  • Clamav 0.88.3

  • Clamav 0.88.4

  • Clamav 0.88.5

  • Clamav 0.88.6

  • Clamav 0.88.7

  • Clamav 0.88.7 P0

  • Clamav 0.88.7 P1

  • Clamav 0.9

  • Clamav 0.90

  • Clamav 0.90.1

  • Clamav 0.90.1 P0

  • Clamav 0.90.2

  • Clamav 0.90.2 P0

  • Clamav 0.90.3

  • Clamav 0.90.3 P0

  • Clamav 0.90.3 P1

  • Clamav 0.91

  • Clamav 0.91.1

  • Clamav 0.91.2

  • Clamav 0.91.2 P0

  • Clamav 0.92

  • Clamav 0.92 P0

  • Clamav 0.92.1

  • Clamav 0.93

  • Clamav 0.93.1

  • Clamav 0.93.2

  • Clamav 0.93.3

  • Clamav 0.94

  • Clamav 0.94.1

  • Clamav 0.94.2

  • Clamav 0.95

  • Clamav 0.95.1

  • Clamav 0.95.2

  • Clamav 0.95.3

  • Clamav 0.96

  • Clamav 0.96.1

  • Clamav 0.96.2

  • Clamav 0.96.3

  • Clamav 0.96.4

  • Clamav 0.96.5


References

CONFIRM - http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f

CONFIRM - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486

XF - clamav-vbareadprojectstrings-dos(65544)

VUPEN - ADV-2011-0523

VUPEN - ADV-2011-0458

VUPEN - ADV-2011-0453

UBUNTU - USN-1076-1

BID - 46470

MANDRIVA - MDVA-2011:007

SECTRACK - 1025100

SECUNIA - 43752

SECUNIA - 43498

SECUNIA - 43392

OSVDB - 70937

MLIST - [oss-security] 20110221 Re: clamav 0.97

MLIST - [oss-security] 20110221 clamav 0.97

FEDORA - FEDORA-2011-2743

FEDORA - FEDORA-2011-2741

CONFIRM - http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob;f=ChangeLog;hb=clamav-0.97

SUSE - SUSE-SR:2011:005

Related Patches

Novell SUSE 2011:7380 clamav security update for SLE 10 SP3 i586

Novell SUSE 2011:7380 clamav security update for SLE 10 SP3 x86_64


Last Updated: 27 May 2016 11:04:26