ID CVE-2005-2450
Summary Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.
References
Vulnerable Configurations
  • cpe:2.3:a:clam_anti-virus:clamav:0.85
    cpe:2.3:a:clam_anti-virus:clamav:0.85
  • cpe:2.3:a:clam_anti-virus:clamav:0.85.1
    cpe:2.3:a:clam_anti-virus:clamav:0.85.1
  • cpe:2.3:a:clam_anti-virus:clamav:0.86
    cpe:2.3:a:clam_anti-virus:clamav:0.86
CVSS
Base: 7.5 (as of 04-08-2005 - 09:01)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-776.NASL
    description Several bugs were discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning. The following problems were identified : - CAN-2005-2450 Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. - CVE-NOMATCH Mark Pizzolato fixed a possible infinite loop that could cause a denial of service.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 19432
    published 2005-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19432
    title Debian DSA-776-1 : clamav - integer overflows, infinite loop
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200507-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-200507-25 (Clam AntiVirus: Integer overflows) Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats. Impact : By sending a specially crafted file an attacker could execute arbitrary code with the permissions of the user running Clam AntiVirus. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 19327
    published 2005-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19327
    title GLSA-200507-25 : Clam AntiVirus: Integer overflows
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-125.NASL
    description Neel Mehta and Alex Wheeler discovered integer overflow vulnerabilities in Clam AntiVirus when handling the TNEF, CHM, and FSG file formats. By sending a specially crafted file, an attacker could execute arbitrary code with the permissions of the user running Clam AV. This update provides clamav 0.86.2 which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 19886
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19886
    title Mandrake Linux Security Advisory : clamav (MDKSA-2005:125)
refmap via4
bid 14359
bugtraq 20050725 ClamAV Multiple Rem0te Buffer Overflows
conectiva CLSA-2005:987
confirm http://sourceforge.net/project/shownotes.php?release_id=344514
gentoo GLSA-200507-25
osvdb
  • 18257
  • 18258
  • 18259
secunia
  • 16180
  • 16229
  • 16250
  • 16296
  • 16458
suse SUSE-SR:2005:018
xf clam-antivirus-file-format-gain-access(21555)
Last major update 17-10-2016 - 23:27
Published 03-08-2005 - 00:00
Last modified 10-07-2017 - 21:32
Back to Top