Lucene search

[email protected]CVE-2006-4182

HistoryOct 16, 2006 - 11:07 p.m.

CVE-2006-4182

2006-10-1623:07:00

[email protected]

web.nvd.nist.gov

clamav

cve-2006-4182

integer overflow

remote execution

denial of service

buffer overflow

portable executable

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.367 Low

EPSS

Percentile

97.2%

JSON

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.

Affected configurations

NVD

Node

clam_anti-virusclamavRange≤0.88.4

clam_anti-virusclamavMatch.

clam_anti-virusclamavMatch0.15

clam_anti-virusclamavMatch0.20

clam_anti-virusclamavMatch0.21

clam_anti-virusclamavMatch0.22

clam_anti-virusclamavMatch0.23

clam_anti-virusclamavMatch0.24

clam_anti-virusclamavMatch0.51

clam_anti-virusclamavMatch0.52

clam_anti-virusclamavMatch0.53

clam_anti-virusclamavMatch0.54

clam_anti-virusclamavMatch0.60

clam_anti-virusclamavMatch0.60p

clam_anti-virusclamavMatch0.65

clam_anti-virusclamavMatch0.67

clam_anti-virusclamavMatch0.68

clam_anti-virusclamavMatch0.68.1

clam_anti-virusclamavMatch0.70

clam_anti-virusclamavMatch0.71

clam_anti-virusclamavMatch0.72

clam_anti-virusclamavMatch0.73

clam_anti-virusclamavMatch0.74

clam_anti-virusclamavMatch0.75

clam_anti-virusclamavMatch0.75.1

clam_anti-virusclamavMatch0.80

clam_anti-virusclamavMatch0.80_rc1

clam_anti-virusclamavMatch0.80_rc2

clam_anti-virusclamavMatch0.80_rc3

clam_anti-virusclamavMatch0.80_rc4

clam_anti-virusclamavMatch0.81

clam_anti-virusclamavMatch0.81_rc1

clam_anti-virusclamavMatch0.82

clam_anti-virusclamavMatch0.83

clam_anti-virusclamavMatch0.84

clam_anti-virusclamavMatch0.84_rc1

clam_anti-virusclamavMatch0.84_rc2

clam_anti-virusclamavMatch0.85

clam_anti-virusclamavMatch0.85.1

clam_anti-virusclamavMatch0.86

clam_anti-virusclamavMatch0.86.1

clam_anti-virusclamavMatch0.86.2

clam_anti-virusclamavMatch0.86_rc1

clam_anti-virusclamavMatch0.87

clam_anti-virusclamavMatch0.87.1

clam_anti-virusclamavMatch0.88

clam_anti-virusclamavMatch0.88.1

clam_anti-virusclamavMatch0.88.3

CPENameOperatorVersion
clam_anti-virus:clamavclam anti-virus clamavle0.88.4
clam_anti-virus:clamavclam anti-virus clamaveq.
clam_anti-virus:clamavclam anti-virus clamaveq0.15
clam_anti-virus:clamavclam anti-virus clamaveq0.20
clam_anti-virus:clamavclam anti-virus clamaveq0.21
clam_anti-virus:clamavclam anti-virus clamaveq0.22
clam_anti-virus:clamavclam anti-virus clamaveq0.23
clam_anti-virus:clamavclam anti-virus clamaveq0.24
clam_anti-virus:clamavclam anti-virus clamaveq0.51
clam_anti-virus:clamavclam anti-virus clamaveq0.52

CPE	Name	Operator	Version
clam_anti-virus:clamav	clam anti-virus clamav	le	0.88.4
clam_anti-virus:clamav	clam anti-virus clamav	eq	.
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.15
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.20
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.21
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.22
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.23
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.24
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.51
clam_anti-virus:clamav	clam anti-virus clamav	eq	0.52