CVE-2006-1614 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-1614
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1614

Description: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25660 TRUSTIX http://www.trustix.org/errata/2006/0020 SUSE http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html ST 1015887 SAID Secunia Advisory: SA19534 Secunia Advisory: SA19536 Secunia Advisory: SA19570 Secunia Advisory: SA19608 Secunia Advisory: SA19564 Secunia Advisory: SA19567 Secunia Advisory: SA20077 Secunia Advisory: SA23719 OSVDB 24457 MISC http://www.overflow.pl/adv/clamavupxinteger.txt MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:067 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml DEBIAN http://www.debian.org/security/2006/dsa-1024 CONFIRM http://up2date.astaro.com/2006/05/low_up2date_6202.html http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638 CERT http://www.us-cert.gov/cas/techalerts/TA06-132A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/430405/100/0/threaded BID 17388 17951 APPLE http://lists.apple.com/archives/security-announce/2006/May/msg00003.html

Return to the previous page.