Computer Security
[EN] no-pyccku

ClamAV antivirus integer overflow
SecurityVulns ID:8467
Threat Level:
Description:Integer overflow leading to heap buffer overflow on MEW packer parsing.
Affected:CLAMAV : ClamAV 0.91
CVE:CVE-2007-6335 (Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.)
 CVE-2007-5759 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6335. Reason: This candidate is a duplicate of CVE-2007-6335. Notes: All CVE users should reference CVE-2007-6335 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 12.18.07: ClamAV libclamav MEW PE File Integer Overflow Vulnerability (19.12.2007)
Files:clamav-0.91.2 exploit ( CVE-2007-6335 )

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod