CVE-2007-0898 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0898
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0898

Description: Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32535 SUSE http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html ST 1017660 SAID Secunia Advisory: SA24425 Secunia Advisory: SA24332 Secunia Advisory: SA24319 Secunia Advisory: SA24192 Secunia Advisory: SA24183 Secunia Advisory: SA24187 Secunia Advisory: SA29420 OSVDB 32282 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:043 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=476 GENTOO http://security.gentoo.org/glsa/glsa-200703-03.xml DEBIAN http://www.debian.org/security/2007/dsa-1263 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 BID 22581 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.