FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1100

This CVE name corresponds to:

Entered Topic
2008-04-15 clamav -- Multiple Vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1100 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-1100
Phase Assigned(20080229)

Description

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

References

Source Reference
MISC http://secunia.com/secunia_research/2008-11/advisory/
CONFIRM https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878
CONFIRM http://kolab.org/security/kolab-vendor-notice-20.txt
APPLE APPLE-SA-2008-09-15
DEBIAN DSA-1549
FEDORA FEDORA-2008-3358
FEDORA FEDORA-2008-3420
FEDORA FEDORA-2008-3900
GENTOO GLSA-200805-19
MANDRIVA MDVSA-2008:088
SUSE SUSE-SA:2008:024
CERT TA08-260A
CERT-VN VU#858595
BID 28756
BID 28784
VUPEN ADV-2008-1218
VUPEN ADV-2008-2584
SECTRACK 1019837
SECUNIA 29000
SECUNIA 29863
SECUNIA 29891
SECUNIA 29886
SECUNIA 29975
SECUNIA 30253
SECUNIA 30328
SECUNIA 31882
XF clamav-cliscanpe-bo(41789)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.