CVE-2005-2056Anti-virus Clamav vulnerability

5 documents5 sources
Severity
2.6LOWNVD
EPSS
1.1%
top 21.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ClamavClam Anti-virus Clamav
Timeline
PublishedJun 29
Latest updateMay 1

Description

The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

Debianclamav/clamav< 0.86.1-1+3
NVDclam_anti-virus/clamav0.85, 0.85.1, 0.86+2

Patches

Patch: sourceforge.netPatch: www.gentoo.orgPatch: sourceforge.net

🔴Vulnerability Details

3
GHSA
GHSA-hf7g-3cqf-wr2c: The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 02022-05-01
OSV
CVE-2005-2056: The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 02005-06-29
CVEList
CVE-2005-2056: The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 02005-06-28

📋Vendor Advisories

1
Debian
CVE-2005-2056: clamav - The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows...2005
CVE-2005-2056 — Clam Anti-virus Clamav vulnerability | cvebase