Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-1003
HistoryFeb 23, 2011 - 7:00 p.m.

CVE-2011-1003

2011-02-2319:00:02
CWE-399
[email protected]
web.nvd.nist.gov
34
cve-2011-1003
double free vulnerability
vba_read_project_strings
libclamav
remote code execution
crafted vba data

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON

Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
clamavclamavRange0.96.5
OR
clamavclamavMatch0.01
OR
clamavclamavMatch0.02
OR
clamavclamavMatch0.3
OR
clamavclamavMatch0.03
OR
clamavclamavMatch0.05
OR
clamavclamavMatch0.8rc3
OR
clamavclamavMatch0.9rc1
OR
clamavclamavMatch0.10
OR
clamavclamavMatch0.12
OR
clamavclamavMatch0.13
OR
clamavclamavMatch0.14
OR
clamavclamavMatch0.14pre
OR
clamavclamavMatch0.15
OR
clamavclamavMatch0.20
OR
clamavclamavMatch0.21
OR
clamavclamavMatch0.22
OR
clamavclamavMatch0.23
OR
clamavclamavMatch0.24
OR
clamavclamavMatch0.51
OR
clamavclamavMatch0.52
OR
clamavclamavMatch0.53
OR
clamavclamavMatch0.54
OR
clamavclamavMatch0.60
OR
clamavclamavMatch0.60p
OR
clamavclamavMatch0.65
OR
clamavclamavMatch0.66
OR
clamavclamavMatch0.67
OR
clamavclamavMatch0.67-1
OR
clamavclamavMatch0.68
OR
clamavclamavMatch0.68.1
OR
clamavclamavMatch0.70
OR
clamavclamavMatch0.70rc
OR
clamavclamavMatch0.71
OR
clamavclamavMatch0.72
OR
clamavclamavMatch0.73
OR
clamavclamavMatch0.74
OR
clamavclamavMatch0.75
OR
clamavclamavMatch0.75.1
OR
clamavclamavMatch0.80
OR
clamavclamavMatch0.80rc
OR
clamavclamavMatch0.80rc1
OR
clamavclamavMatch0.80rc2
OR
clamavclamavMatch0.80rc3
OR
clamavclamavMatch0.80rc4
OR
clamavclamavMatch0.80_rc
OR
clamavclamavMatch0.81
OR
clamavclamavMatch0.81rc1
OR
clamavclamavMatch0.82
OR
clamavclamavMatch0.83
OR
clamavclamavMatch0.84
OR
clamavclamavMatch0.84rc1
OR
clamavclamavMatch0.84rc2
OR
clamavclamavMatch0.85
OR
clamavclamavMatch0.85.1
OR
clamavclamavMatch0.86
OR
clamavclamavMatch0.86rc1
OR
clamavclamavMatch0.86.1
OR
clamavclamavMatch0.86.2
OR
clamavclamavMatch0.87
OR
clamavclamavMatch0.87.1
OR
clamavclamavMatch0.88
OR
clamavclamavMatch0.88.1
OR
clamavclamavMatch0.88.2
OR
clamavclamavMatch0.88.3
OR
clamavclamavMatch0.88.4
OR
clamavclamavMatch0.88.5
OR
clamavclamavMatch0.88.6
OR
clamavclamavMatch0.88.7
OR
clamavclamavMatch0.88.7_p0
OR
clamavclamavMatch0.88.7_p1
OR
clamavclamavMatch0.90
OR
clamavclamavMatch0.90rc1
OR
clamavclamavMatch0.90rc1.1
OR
clamavclamavMatch0.90rc2
OR
clamavclamavMatch0.90rc3
OR
clamavclamavMatch0.90.1
OR
clamavclamavMatch0.90.1_p0
OR
clamavclamavMatch0.90.2
OR
clamavclamavMatch0.90.2_p0
OR
clamavclamavMatch0.90.3
OR
clamavclamavMatch0.90.3_p0
OR
clamavclamavMatch0.90.3_p1
OR
clamavclamavMatch0.91
OR
clamavclamavMatch0.91rc1
OR
clamavclamavMatch0.91rc2
OR
clamavclamavMatch0.91.1
OR
clamavclamavMatch0.91.2
OR
clamavclamavMatch0.91.2_p0
OR
clamavclamavMatch0.92
OR
clamavclamavMatch0.92.1
OR
clamavclamavMatch0.92_p0
OR
clamavclamavMatch0.93
OR
clamavclamavMatch0.93.1
OR
clamavclamavMatch0.93.2
OR
clamavclamavMatch0.93.3
OR
clamavclamavMatch0.94
OR
clamavclamavMatch0.94.1
OR
clamavclamavMatch0.94.2
OR
clamavclamavMatch0.95
OR
clamavclamavMatch0.95rc1
OR
clamavclamavMatch0.95rc2
OR
clamavclamavMatch0.95src1
OR
clamavclamavMatch0.95src2
OR
clamavclamavMatch0.95.1
OR
clamavclamavMatch0.95.2
OR
clamavclamavMatch0.95.3
OR
clamavclamavMatch0.96
OR
clamavclamavMatch0.96rc1
OR
clamavclamavMatch0.96rc2
OR
clamavclamavMatch0.96.1
OR
clamavclamavMatch0.96.2
OR
clamavclamavMatch0.96.3
OR
clamavclamavMatch0.96.4

References

Related

nessus 11
debiancve 1
openvas 9
ubuntu 1
securityvulns 1
ubuntucve 1
prion 1
cvelist 1
nvd 1
fedora 3
gentoo 1
nessus
nessus
SuSE 11.1 Security Update : clamav (SAT Patch Number 4155)
2011-03-23 00:00:00
SuSE 10 Security Update : clamav (ZYPP Patch Number 7397)
2011-12-13 00:00:00
SuSE 10 Security Update : clamav (ZYPP Patch Number 7380)
2011-03-27 00:00:00
debiancve
debiancve
CVE-2011-1003
2011-02-23 19:00:02
openvas
openvas
Ubuntu: Security Advisory (USN-1076-1)
2011-03-07 00:00:00
ClamAV < 0.97 'vba_read_project_strings()' Double Free Memory Corruption Vulnerability
2011-02-22 00:00:00
Ubuntu Update for clamav vulnerability USN-1076-1
2011-03-07 00:00:00
ubuntu
ubuntu
ClamAV vulnerability
2011-02-28 00:00:00
securityvulns
securityvulns
ClamAV antivirus double free vulnerability
2011-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2011-1003
2011-02-23 00:00:00
prion
prion
Double free
2011-02-23 19:00:00
cvelist
cvelist
CVE-2011-1003
2011-02-23 18:00:00
nvd
nvd
CVE-2011-1003
2011-02-23 19:00:02
fedora
fedora
[SECURITY] Fedora 15 Update: clamav-0.97-1500.fc15
2011-03-09 03:12:41
[SECURITY] Fedora 14 Update: clamav-0.97-1400.fc14
2011-03-13 21:21:08
[SECURITY] Fedora 13 Update: clamav-0.97-1300.fc13
2011-03-13 21:18:26
gentoo
gentoo
Clam AntiVirus: Multiple vulnerabilities
2011-10-24 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON
Related for CVE-2011-1003
nessus11debiancve1openvas9ubuntu1securityvulns1ubuntucve1prion1cvelist1nvd1fedora3gentoo1