CVE-2008-0318 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0318
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0318

Description: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html ST 1019394 SAID Secunia Advisory: SA28907 Secunia Advisory: SA28913 Secunia Advisory: SA28949 Secunia Advisory: SA29001 Secunia Advisory: SA29026 Secunia Advisory: SA29060 Secunia Advisory: SA29048 Secunia Advisory: SA29420 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658 GENTOO http://security.gentoo.org/glsa/glsa-200802-09.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1497 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=209915 http://docs.info.apple.com/article.html?artnum=307562 http://kolab.org/security/kolab-vendor-notice-19.txt http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html http://sourceforge.net/project/shownotes.php?release_id=575703 BID 27751 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.