Lucene search
GoogleOSV:DSA-1497-1HistoryFeb 16, 2008 - 12:00 a.m.
clamav - several vulnerabilities
2008-02-1600:00:00
Google
osv.dev
15
EPSS
0.421
Percentile
97.4%
Several vulnerabilities have been discovered in the Clam anti-virus
toolkit, which may lead to the execution of arbitrary code or local denial
of service. The Common Vulnerabilities and Exposures project identifies
the following problems:
- CVE-2007-6595
It was discovered that temporary files are created insecurely,
which may result in local denial of service by overwriting files. - CVE-2008-0318
Silvio Cesare discovered an integer overflow in the parser for PE
headers.
The version of clamav in the old stable distribution (sarge) is no
longer supported with security updates.
For the stable distribution (etch), these problems have been fixed in
version 0.90.1dfsg-3etch10. In addition to these fixes, this update
also incorporates changes from the upcoming point release of the
stable distribution (non-free RAR handling code was removed).
We recommend that you upgrade your clamav packages.
References
Related
openvas
openvas
Debian Security Advisory DSA 1497-1 (clamav)
2008-02-28 00:00:00
Debian: Security Advisory (DSA-1497-1)
2008-02-28 00:00:00
FreeBSD Ports: clamav
2008-09-04 00:00:00
debian
debian
[SECURITY] [DSA 1497-1] New clamav packages fix several vulnerabilities
2008-02-16 15:26:12
nessus
nessus
Debian DSA-1497-1 : clamav - several vulnerabilities
2008-02-18 00:00:00
FreeBSD : clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability (be4b0529-dbaf-11dc-9791-000ea6702141)
2008-02-18 00:00:00
Fedora 7 : clamav-0.92.1-1.fc7 (2008-1608)
2008-02-14 00:00:00
redhatcve
redhatcve
CVE-2007-6595
2019-10-04 21:29:07
CVE-2008-0318
2019-10-04 21:38:24
cvelist
cvelist
CVE-2007-6595
2007-12-31 19:00:00
CVE-2008-0318
2008-02-12 19:00:00
nvd
nvd
CVE-2007-6595
2007-12-31 19:46:00
CVE-2008-0318
2008-02-12 20:00:00
cve
cve
CVE-2007-6595
2007-12-31 19:46:00
CVE-2008-0318
2008-02-12 20:00:00
debiancve
debiancve
CVE-2007-6595
2007-12-31 19:46:00
CVE-2008-0318
2008-02-12 20:00:00
prion
prion
Code injection
2007-12-31 19:46:00
Integer overflow
2008-02-12 20:00:00
ubuntucve
ubuntucve
CVE-2007-6595
2007-12-31 00:00:00
CVE-2008-0318
2008-02-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package clamav version 0.92.1-alt1
2008-02-12 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.92.1-alt1
2008-02-12 00:00:00
Security fix for the ALT Linux 8 package clamav version 0.92.1-alt1
2008-02-12 00:00:00
freebsd
freebsd
clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability
2008-01-07 00:00:00
checkpoint_advisories
checkpoint_advisories
ClamAV libclamav PE File Handling Integer Overflow (CVE-2008-0318)
2009-10-07 00:00:00
securityvulns
securityvulns
ClamAV antivirus integer overflow
2008-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: clamav-0.92.1-1.fc8
2008-02-13 05:16:27
[SECURITY] Fedora 7 Update: clamav-0.92.1-1.fc7
2008-02-13 05:14:44
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2008-02-21 00:00:00
ClamAV: Multiple Denials of Service
2008-08-08 00:00:00
suse
suse
remote code execution in clamav
2008-04-24 17:12:58