ID CVE-2007-1745
Summary The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
References
Vulnerable Configurations
  • cpe:2.3:a:ifenslave:ifenslave:0.88
    cpe:2.3:a:ifenslave:ifenslave:0.88
  • cpe:2.3:a:clam_anti-virus:clamav:0.90.1
    cpe:2.3:a:clam_anti-virus:clamav:0.90.1
CVSS
Base: 7.1 (as of 17-04-2007 - 15:59)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CLAMAV-3081.NASL
    description The version update to 0.90.2 fixes among other things two security problems. (CVE-2007-1745 / CVE-2007-1997)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29400
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29400
    title SuSE 10 Security Update : clamav (ZYPP Patch Number 3081)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_CLAMAV-3080.NASL
    description The version update to 0.90.2 fixes among other things two security problems (CVE-2007-1745, CVE-2007-1997).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27180
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27180
    title openSUSE 10 Security Update : clamav (clamav-3080)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200704-21.NASL
    description The remote host is affected by the vulnerability described in GLSA-200704-21 (ClamAV: Multiple vulnerabilities) iDefense Labs have reported a stack-based buffer overflow in the cab_unstore() function when processing negative values in .cab files. Multiple file descriptor leaks have also been reported in chmunpack.c, pdf.c and dblock.c when processing .chm files. Impact : A remote attacker could send a specially crafted CHM file to the scanner, possibly resulting in the remote execution of arbitrary code with the privileges of the user running ClamAV. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 25109
    published 2007-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25109
    title GLSA-200704-21 : ClamAV: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1281.NASL
    description Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1745 It was discovered that a file descriptor leak in the CHM handler may lead to denial of service. - CVE-2007-1997 It was discovered that a buffer overflow in the CAB handler may lead to the execution of arbitrary code. - CVE-2007-2029 It was discovered that a file descriptor leak in the PDF handler may lead to denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25098
    published 2007-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25098
    title Debian DSA-1281-1 : clamav - several vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-098.NASL
    description iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c. This update provides ClamAV 0.90.2 which corrects these problems and provides new functionality.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 25189
    published 2007-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25189
    title Mandrake Linux Security Advisory : clamav (MDKSA-2007:098)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2008-002.NASL
    description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-002 applied. This update contains several security fixes for a number of programs.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 31605
    published 2008-03-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31605
    title Mac OS X Multiple Vulnerabilities (Security Update 2008-002)
refmap via4
apple APPLE-SA-2008-03-18
bid 23473
confirm
debian DSA-1281
gentoo GLSA-200704-21
mandriva MDKSA-2007:098
osvdb 34913
secunia
  • 24891
  • 24920
  • 24946
  • 24996
  • 25022
  • 25028
  • 25189
  • 29420
suse SUSE-SA:2007:026
trustix 2007-0013
vupen
  • ADV-2007-1378
  • ADV-2008-0924
xf clamav-chmdecompressstream-dos(33636)
Last major update 07-03-2011 - 21:52
Published 16-04-2007 - 17:19
Last modified 28-07-2017 - 21:30
Back to Top