FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1100

This CVE name corresponds to:

Entered Topic
2008-04-15 clamav -- Multiple Vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1100 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-1100
Phase Assigned(20080229)

Description

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

References

Source Reference
MISC http://secunia.com/secunia_research/2008-11/advisory/
CONFIRM https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878
CONFIRM http://kolab.org/security/kolab-vendor-notice-20.txt
DEBIAN DSA-1549
FEDORA FEDORA-2008-3358
FEDORA FEDORA-2008-3420
FEDORA FEDORA-2008-3900
MANDRIVA MDVSA-2008:088
SUSE SUSE-SA:2008:024
CERT-VN VU#858595
BID 28756
BID 28784
FRSIRT ADV-2008-1218
SECTRACK 1019837
SECUNIA 29000
SECUNIA 29863
SECUNIA 29891
SECUNIA 29886
SECUNIA 29975
SECUNIA 30253
SECUNIA 30328
XF clamav-cliscanpe-bo(41789)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.