The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Clamav | Clamav | * | 0.87 (including) |
| Clamav | Clamav | 0.01 (including) | 0.01 (including) |
| Clamav | Clamav | 0.02 (including) | 0.02 (including) |
| Clamav | Clamav | 0.3 (including) | 0.3 (including) |
| Clamav | Clamav | 0.03 (including) | 0.03 (including) |
| Clamav | Clamav | 0.05 (including) | 0.05 (including) |
| Clamav | Clamav | 0.8-rc3 (including) | 0.8-rc3 (including) |
| Clamav | Clamav | 0.10 (including) | 0.10 (including) |
| Clamav | Clamav | 0.12 (including) | 0.12 (including) |
| Clamav | Clamav | 0.13 (including) | 0.13 (including) |
| Clamav | Clamav | 0.14 (including) | 0.14 (including) |
| Clamav | Clamav | 0.14-pre (including) | 0.14-pre (including) |
| Clamav | Clamav | 0.15 (including) | 0.15 (including) |
| Clamav | Clamav | 0.20 (including) | 0.20 (including) |
| Clamav | Clamav | 0.21 (including) | 0.21 (including) |
| Clamav | Clamav | 0.22 (including) | 0.22 (including) |
| Clamav | Clamav | 0.23 (including) | 0.23 (including) |
| Clamav | Clamav | 0.24 (including) | 0.24 (including) |
| Clamav | Clamav | 0.51 (including) | 0.51 (including) |
| Clamav | Clamav | 0.52 (including) | 0.52 (including) |
| Clamav | Clamav | 0.53 (including) | 0.53 (including) |
| Clamav | Clamav | 0.54 (including) | 0.54 (including) |
| Clamav | Clamav | 0.60 (including) | 0.60 (including) |
| Clamav | Clamav | 0.60p (including) | 0.60p (including) |
| Clamav | Clamav | 0.65 (including) | 0.65 (including) |
| Clamav | Clamav | 0.66 (including) | 0.66 (including) |
| Clamav | Clamav | 0.67 (including) | 0.67 (including) |
| Clamav | Clamav | 0.67-1 (including) | 0.67-1 (including) |
| Clamav | Clamav | 0.68 (including) | 0.68 (including) |
| Clamav | Clamav | 0.68.1 (including) | 0.68.1 (including) |
| Clamav | Clamav | 0.70 (including) | 0.70 (including) |
| Clamav | Clamav | 0.70-rc (including) | 0.70-rc (including) |
| Clamav | Clamav | 0.71 (including) | 0.71 (including) |
| Clamav | Clamav | 0.72 (including) | 0.72 (including) |
| Clamav | Clamav | 0.73 (including) | 0.73 (including) |
| Clamav | Clamav | 0.74 (including) | 0.74 (including) |
| Clamav | Clamav | 0.75 (including) | 0.75 (including) |
| Clamav | Clamav | 0.75.1 (including) | 0.75.1 (including) |
| Clamav | Clamav | 0.80 (including) | 0.80 (including) |
| Clamav | Clamav | 0.80-rc (including) | 0.80-rc (including) |
| Clamav | Clamav | 0.80-rc1 (including) | 0.80-rc1 (including) |
| Clamav | Clamav | 0.80-rc2 (including) | 0.80-rc2 (including) |
| Clamav | Clamav | 0.80-rc3 (including) | 0.80-rc3 (including) |
| Clamav | Clamav | 0.80-rc4 (including) | 0.80-rc4 (including) |
| Clamav | Clamav | 0.80_rc (including) | 0.80_rc (including) |
| Clamav | Clamav | 0.81 (including) | 0.81 (including) |
| Clamav | Clamav | 0.81-rc1 (including) | 0.81-rc1 (including) |
| Clamav | Clamav | 0.82 (including) | 0.82 (including) |
| Clamav | Clamav | 0.83 (including) | 0.83 (including) |
| Clamav | Clamav | 0.84 (including) | 0.84 (including) |
| Clamav | Clamav | 0.84-rc1 (including) | 0.84-rc1 (including) |
| Clamav | Clamav | 0.84-rc2 (including) | 0.84-rc2 (including) |
| Clamav | Clamav | 0.85 (including) | 0.85 (including) |
| Clamav | Clamav | 0.85.1 (including) | 0.85.1 (including) |
| Clamav | Clamav | 0.86 (including) | 0.86 (including) |
| Clamav | Clamav | 0.86-rc1 (including) | 0.86-rc1 (including) |
| Clamav | Clamav | 0.86.1 (including) | 0.86.1 (including) |
| Clamav | Clamav | 0.86.2 (including) | 0.86.2 (including) |