7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.374 Low
EPSS
Percentile
97.2%
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html
secunia.com/advisories/18379
secunia.com/advisories/18453
secunia.com/advisories/18463
secunia.com/advisories/18478
secunia.com/advisories/18548
securityreason.com/securityalert/342
securitytracker.com/id?1015457
www.clamav.net/doc/0.88/ChangeLog
www.debian.org/security/2006/dsa-947
www.gentoo.org/security/en/glsa/glsa-200601-07.xml
www.kb.cert.org/vuls/id/385908
www.mandriva.com/security/advisories?name=MDKSA-2006:016
www.osvdb.org/22318
www.securityfocus.com/bid/16191
www.trustix.org/errata/2006/0002/
www.vupen.com/english/advisories/2006/0116
www.zerodayinitiative.com/advisories/ZDI-06-001.html
exchange.xforce.ibmcloud.com/vulnerabilities/24047