Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-3501
HistoryNov 05, 2005 - 11:02 a.m.

CVE-2005-3501

2005-11-0511:02:00
CWE-399
[email protected]
web.nvd.nist.gov
29
cve-2005-3501
cabd_find
libmspack
remote attackers
denial of service
crafted cab file

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.3%

JSON

The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.

Affected configurations

NVD
Node
clamavclamavRange0.87
OR
clamavclamavMatch0.01
OR
clamavclamavMatch0.02
OR
clamavclamavMatch0.3
OR
clamavclamavMatch0.03
OR
clamavclamavMatch0.05
OR
clamavclamavMatch0.8rc3
OR
clamavclamavMatch0.10
OR
clamavclamavMatch0.12
OR
clamavclamavMatch0.13
OR
clamavclamavMatch0.14
OR
clamavclamavMatch0.14pre
OR
clamavclamavMatch0.15
OR
clamavclamavMatch0.20
OR
clamavclamavMatch0.21
OR
clamavclamavMatch0.22
OR
clamavclamavMatch0.23
OR
clamavclamavMatch0.24
OR
clamavclamavMatch0.51
OR
clamavclamavMatch0.52
OR
clamavclamavMatch0.53
OR
clamavclamavMatch0.54
OR
clamavclamavMatch0.60
OR
clamavclamavMatch0.60p
OR
clamavclamavMatch0.65
OR
clamavclamavMatch0.66
OR
clamavclamavMatch0.67
OR
clamavclamavMatch0.67-1
OR
clamavclamavMatch0.68
OR
clamavclamavMatch0.68.1
OR
clamavclamavMatch0.70
OR
clamavclamavMatch0.70rc
OR
clamavclamavMatch0.71
OR
clamavclamavMatch0.72
OR
clamavclamavMatch0.73
OR
clamavclamavMatch0.74
OR
clamavclamavMatch0.75
OR
clamavclamavMatch0.75.1
OR
clamavclamavMatch0.80
OR
clamavclamavMatch0.80rc
OR
clamavclamavMatch0.80rc1
OR
clamavclamavMatch0.80rc2
OR
clamavclamavMatch0.80rc3
OR
clamavclamavMatch0.80rc4
OR
clamavclamavMatch0.80_rc
OR
clamavclamavMatch0.81
OR
clamavclamavMatch0.81rc1
OR
clamavclamavMatch0.82
OR
clamavclamavMatch0.83
OR
clamavclamavMatch0.84
OR
clamavclamavMatch0.84rc1
OR
clamavclamavMatch0.84rc2
OR
clamavclamavMatch0.85
OR
clamavclamavMatch0.85.1
OR
clamavclamavMatch0.86
OR
clamavclamavMatch0.86rc1
OR
clamavclamavMatch0.86.1
OR
clamavclamavMatch0.86.2

Related

cvelist 1
nvd 1
debiancve 1
ubuntucve 1
debian 2
osv 1
openvas 3
nessus 3
gentoo 1
cvelist
cvelist
CVE-2005-3501
2005-11-05 11:00:00
nvd
nvd
CVE-2005-3501
2005-11-05 11:02:00
debiancve
debiancve
CVE-2005-3501
2005-11-05 11:02:00
ubuntucve
ubuntucve
CVE-2005-3501
2005-11-05 00:00:00
debian
debian
[SECURITY] [DSA 887-1] New ClamAV packages fix several vulnerabilities
2005-11-07 18:03:05
[SECURITY] [DSA 887-1] New ClamAV packages fix several vulnerabilities
2005-11-07 18:03:05
osv
osv
clamav - several
2005-11-07 00:00:00
openvas
openvas
SLES9: Security update for clamav
2009-10-10 00:00:00
SLES9: Security update for clamav
2009-10-10 00:00:00
Debian: Security Advisory (DSA-887-1)
2023-03-08 00:00:00
nessus
nessus
Debian DSA-887-1 : clamav - several vulnerabilities
2006-10-14 00:00:00
Mandrake Linux Security Advisory : clamav (MDKSA-2005:205)
2006-01-15 00:00:00
GLSA-200511-04 : ClamAV: Multiple vulnerabilities
2005-11-07 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2005-11-06 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.3%

JSON
Related for CVE-2005-3501
cvelist1nvd1debiancve1ubuntucve1debian2osv1openvas3nessus3gentoo1