unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:32
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://kolab.org/security/kolab-vendor-notice-15.txt - | |
| References | () http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html - Patch | |
| References | () http://osvdb.org/35522 - | |
| References | () http://secunia.com/advisories/25523 - | |
| References | () http://secunia.com/advisories/25525 - | |
| References | () http://secunia.com/advisories/25688 - | |
| References | () http://secunia.com/advisories/25796 - | |
| References | () http://security.gentoo.org/glsa/glsa-200706-05.xml - | |
| References | () http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog - | |
| References | () http://www.debian.org/security/2007/dsa-1320 - | |
| References | () http://www.novell.com/linux/security/advisories/2007_33_clamav.html - | |
| References | () http://www.securityfocus.com/bid/24289 - | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/34778 - | |
| References | () https://wwws.clamav.net/bugzilla/show_bug.cgi?id=521 - Patch |
Information
Published : 2007-06-07 21:30
Updated : 2024-11-21 00:32
NVD link : CVE-2007-3123
Mitre link : CVE-2007-3123
CVE.ORG link : CVE-2007-3123
JSON object : View
Products Affected
clam_anti-virus
- clamav
CWE