CVE Reference: CVE-2006-4182
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia nor the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-4182

Description:
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/29607

SUSE
  http://www.novell.com/linux/security/advisories/2006_60_clamav.html

ST
  1017068

SAID
  Secunia Advisory: SA22370
  Secunia Advisory: SA22421
  Secunia Advisory: SA22498
  Secunia Advisory: SA22488
  Secunia Advisory: SA22537
  Secunia Advisory: SA22551
  Secunia Advisory: SA22626
  Secunia Advisory: SA23155

MANDRIVA
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:184

IDEFENSE
  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422

GENTOO
  http://security.gentoo.org/glsa/glsa-200610-10.xml

DEBIAN
  http://www.debian.org/security/2006/dsa-1196

CONFIRM
  http://docs.info.apple.com/article.html?artnum=304829
  http://kolab.org/security/kolab-vendor-notice-13.txt

CERT-VN
  180864

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-333A.html

BID
  20535

APPLE
  http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

