Bug 432753 - (CVE-2008-0318) CVE-2008-0318 clamav: Integer overflow in libclamav
CVE-2008-0318 clamav: Integer overflow in libclamav
Status: CLOSED UPSTREAM
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
: Security
: 432624 (view as bug list)
Depends On: 432623
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-13 23:58 EST by Lubomir Kundrak
Modified: 2008-02-14 10:26 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-14 00:02:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lubomir Kundrak 2008-02-13 23:58:13 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0318 to the following vulnerability:

Integer overflow in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

References:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658
http://sourceforge.net/project/shownotes.php?release_id=575703
Comment 1 Lubomir Kundrak 2008-02-14 00:02:48 EST
Fedora 7, 8 and devel were all upgraded to clamav 0.92.1.
Comment 2 Lubomir Kundrak 2008-02-14 00:27:40 EST
*** Bug 432624 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.