CVE-2007-0897 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0897
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0897

Description: Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32531 SUSE http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html ST 1017659 SAID Secunia Advisory: SA24425 Secunia Advisory: SA24332 Secunia Advisory: SA24319 Secunia Advisory: SA24192 Secunia Advisory: SA24183 Secunia Advisory: SA24187 Secunia Advisory: SA29420 OSVDB 32283 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:043 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475 GENTOO http://security.gentoo.org/glsa/glsa-200703-03.xml DEBIAN http://www.debian.org/security/2007/dsa-1263 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 BID 22580 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.