CVE-2005-2450Anti-virus Clamav vulnerability

5 documents5 sources
Severity
7.5HIGHNVD
EPSS
3.6%
top 12.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ClamavClam Anti-virus Clamav
Timeline
PublishedAug 3
Latest updateMay 1

Description

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianclamav/clamav< 0.86.2-1+3
NVDclam_anti-virus/clamav0.85, 0.85.1, 0.86+2

Patches

Patch: sourceforge.netPatch: sourceforge.net

🔴Vulnerability Details

3
GHSA
GHSA-58m7-x875-69xf: Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 02022-05-01
OSV
CVE-2005-2450: Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 02005-08-03
CVEList
CVE-2005-2450: Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 02005-08-03

📋Vendor Advisories

1
Debian
CVE-2005-2450: clamav - Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format proc...2005
CVE-2005-2450 — Clam Anti-virus Clamav vulnerability | cvebase