FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-6481

This CVE name corresponds to:

Entered Topic
2006-12-12 clamav -- Multipart Nestings Denial of Service

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-6481 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-6481
Phase Assigned(20061211)

Description

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.

References

Source Reference
MISC http://www.quantenblog.net/security/virus-scanner-bypass
CONFIRM http://kolab.org/security/kolab-vendor-notice-14.txt
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
APPLE APPLE-SA-2008-03-18
DEBIAN DSA-1238
GENTOO GLSA-200612-18
MANDRIVA MDKSA-2006:230
SUSE SUSE-SA:2006:078
TRUSTIX 2006-0072
BID 21609
VUPEN ADV-2006-5113
VUPEN ADV-2006-4948
VUPEN ADV-2008-0924
OSVDB 31283
SECUNIA 23347
SECUNIA 23362
SECUNIA 23417
SECUNIA 23460
SECUNIA 23379
SECUNIA 23404
SECUNIA 23411
SECUNIA 29420

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.