CVE-2007-6335

2007-12-20 02:46:00 2017-09-29 03:29:53

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Clam anti-virus Clamav 0.92 (not an official CPE)

Clam anti-virus - Clamav

Advisory	Patch	Confirmed	Link
			FEDORA-2008-0115
			4862
			FEDORA-2008-0170
			clamantivirus-libclamav-mewpe-bo(39119)
			ADV-2008-0924
			ADV-2007-4253
			1019112
			26927
			MDVSA-2008:003
			GLSA-200712-20
			DSA-1435
			SUSE-SR:2008:001
			20071218 ClamAV libclamav MEW PE File Integer Overflow V...
			APPLE-SA-2008-03-18
			http://docs.info.apple.com/article.html?artnum=307562

CVE-2007-6335

2007-12-20 02:46:00 2017-09-29 03:29:53

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)