CVE-2005-3500 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-3500
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3500

Description: The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.

CVE Status: Candidate

References: SUSE ST 1015154 SREASON http://securityreason.com/securityalert/152 SAID Secunia Advisory: SA17434 Secunia Advisory: SA17559 Secunia Advisory: SA17184 Secunia Advisory: SA17451 Secunia Advisory: SA17501 OSVDB 20483 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:205 IDEFENSE http://www.idefense.com/application/poi/display?id=333&type=vulnerabilities GENTOO http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml DEBIAN http://www.debian.org/security/2005/dsa-887 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=368319 BID 15316

Return to the previous page.