CVE Vulnerabilities

CVE-2008-0318

Published: Feb 12, 2008 | Modified: Mar 07, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Clamav Clam_anti-virus * 0.92
Clamav Ubuntu dapper *
Clamav Ubuntu devel *
Clamav Ubuntu edgy *
Clamav Ubuntu feisty *
Clamav Ubuntu gutsy *
Clamav Ubuntu upstream *

References