ID CVE-2004-0270
Summary libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
References
Vulnerable Configurations
  • cpe:2.3:a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*
    cpe:2.3:a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 9610
bugtraq 20040209 clamav 0.65 remote DOS exploit
confirm http://www.freebsd.org/cgi/query-pr.cgi?pr=62586
gentoo GLSA-200402-07
osvdb 3894
xf clam-antivirus-uuencoded-dos(15077)
Last major update 10-10-2017 - 01:30
Published 23-11-2004 - 05:00
Back to Top