CVE Vulnerabilities

CVE-2005-3500

Published: Nov 05, 2005 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.

Affected Software

Name Vendor Start Version End Version
Clamav Clam_anti-virus 0.24 0.24
Clamav Clam_anti-virus 0.20 0.20
Clamav Clam_anti-virus 0.84 0.84
Clamav Clam_anti-virus 0.80 0.80
Clamav Clam_anti-virus 0.15 0.15
Clamav Clam_anti-virus 0.65 0.65
Clamav Clam_anti-virus 0.75 0.75
Clamav Clam_anti-virus 0.68 0.68
Clamav Clam_anti-virus 0.71 0.71
Clamav Clam_anti-virus 0.86.1 0.86.1
Clamav Clam_anti-virus 0.82 0.82
Clamav Clam_anti-virus 0.73 0.73
Clamav Clam_anti-virus 0.72 0.72
Clamav Clam_anti-virus 0.85.1 0.85.1
Clamav Clam_anti-virus 0.87 0.87
Clamav Clam_anti-virus 0.85 0.85
Clamav Clam_anti-virus 0.74 0.74
Clamav Clam_anti-virus 0.75.1 0.75.1
Clamav Clam_anti-virus 0.86.2 0.86.2
Clamav Clam_anti-virus 0.67 0.67
Clamav Clam_anti-virus 0.81 0.81
Clamav Clam_anti-virus 0.21 0.21
Clamav Clam_anti-virus 0.54 0.54
Clamav Clam_anti-virus 0.53 0.53
Clamav Clam_anti-virus 0.70 0.70
Clamav Clam_anti-virus 0.60 0.60
Clamav Clam_anti-virus 0.86 0.86
Clamav Clam_anti-virus 0.83 0.83
Clamav Clam_anti-virus 0.68.1 0.68.1
Clamav Clam_anti-virus 0.51 0.51
Clamav Clam_anti-virus 0.23 0.23
Clamav Clam_anti-virus 0.52 0.52
Clamav Clam_anti-virus 0.22 0.22

References