ID CVE-2006-5874
Summary Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:clam_anti-virus:clamav:.
    cpe:2.3:a:clam_anti-virus:clamav:.
  • cpe:2.3:a:clam_anti-virus:clamav:0.80
    cpe:2.3:a:clam_anti-virus:clamav:0.80
  • cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1
    cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1
  • cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2
    cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2
  • cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3
    cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3
  • cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4
    cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4
  • cpe:2.3:a:clam_anti-virus:clamav:0.81
    cpe:2.3:a:clam_anti-virus:clamav:0.81
  • cpe:2.3:a:clam_anti-virus:clamav:0.81_rc1
    cpe:2.3:a:clam_anti-virus:clamav:0.81_rc1
  • cpe:2.3:a:clam_anti-virus:clamav:0.82
    cpe:2.3:a:clam_anti-virus:clamav:0.82
  • cpe:2.3:a:clam_anti-virus:clamav:0.83
    cpe:2.3:a:clam_anti-virus:clamav:0.83
  • cpe:2.3:a:clam_anti-virus:clamav:0.84
    cpe:2.3:a:clam_anti-virus:clamav:0.84
  • cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1
    cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1
  • cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2
    cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2
  • cpe:2.3:a:clam_anti-virus:clamav:0.85
    cpe:2.3:a:clam_anti-virus:clamav:0.85
  • cpe:2.3:a:clam_anti-virus:clamav:0.85.1
    cpe:2.3:a:clam_anti-virus:clamav:0.85.1
  • cpe:2.3:a:clam_anti-virus:clamav:0.86
    cpe:2.3:a:clam_anti-virus:clamav:0.86
  • cpe:2.3:a:clam_anti-virus:clamav:0.86.1
    cpe:2.3:a:clam_anti-virus:clamav:0.86.1
  • cpe:2.3:a:clam_anti-virus:clamav:0.86.2
    cpe:2.3:a:clam_anti-virus:clamav:0.86.2
  • cpe:2.3:a:clam_anti-virus:clamav:0.86_rc1
    cpe:2.3:a:clam_anti-virus:clamav:0.86_rc1
  • cpe:2.3:a:clam_anti-virus:clamav:0.87
    cpe:2.3:a:clam_anti-virus:clamav:0.87
  • cpe:2.3:a:clam_anti-virus:clamav:0.87.1
    cpe:2.3:a:clam_anti-virus:clamav:0.87.1
  • cpe:2.3:a:clam_anti-virus:clamav:0.88
    cpe:2.3:a:clam_anti-virus:clamav:0.88
CVSS
Base: 5.0 (as of 11-12-2006 - 07:10)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CLAMAV-2390.NASL
    description This update to ClamAV version 0.88.7 fixes various bugs : - Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a NULL pointer dereference. (CVE-2006-5874) - Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 / CVE-2006-6406. (CVE-2006-6481) - Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. (CVE-2006-6406)
    last seen 2019-02-21
    modified 2014-08-20
    plugin id 29397
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29397
    title SuSE 10 Security Update : clamav (ZYPP Patch Number 2390)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1232.NASL
    description Stephen Gran discovered that malformed base64-encoded MIME attachments can lead to denial of service through a NULL pointer dereference.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 23845
    published 2006-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23845
    title Debian DSA-1232-1 : clamav - missing sanity checks
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CLAMAV-2391.NASL
    description This update to ClamAV version 0.88.7 fixes various bugs : CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a NULL pointer dereference. CVE-2006-6481: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406. CVE-2006-6406: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27177
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27177
    title openSUSE 10 Security Update : clamav (clamav-2391)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-230.NASL
    description The latest version of ClamAV, 0.88.7, fixes some bugs, including vulnerabilities with handling base64-encoded MIME attachment files that can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus detection (CVE-2006-6406). As well, a vulnerability was discovered that allows remote attackers to cause a stack overflow and application crash by wrapping many layers of multipart/mixed content around a document (CVE-2006-6481). The latest ClamAV is being provided to address these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24613
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24613
    title Mandrake Linux Security Advisory : clamav (MDKSA-2006:230)
refmap via4
bid 21510
debian DSA-1232
mandriva MDKSA-2006:230
secunia
  • 23327
  • 23362
  • 23411
suse SUSE-SA:2006:078
Last major update 15-09-2010 - 01:30
Published 09-12-2006 - 21:28
Back to Top