CVE-2006-0162
published 2006-01-10CVE-2006-0162: Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
10.09%
95.1th percentile
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2006-0162: clamav - Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before ...
vendor_debian·2006·CVSS 7.5
CVE-2006-0162 [HIGH] CVE-2006-0162: clamav - Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before ...
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
Scope: local
bookworm: resolved (fixed in 0.88-1)
bullseye: resolved (fixed in 0.88-1)
forky: resolved (fixed in 0.88-1)
sid: resolved (fixed in 0.88-1)
trixie: resolved (fixed in 0.88-1)
GHSA
GHSA-6wf3-8m67-h85m: Heap-based buffer overflow in libclamav/upx
ghsa_unreviewed·2022-05-01
CVE-2006-0162 [HIGH] GHSA-6wf3-8m67-h85m: Heap-based buffer overflow in libclamav/upx
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
OSV
CVE-2006-0162: Heap-based buffer overflow in libclamav/upx
osv·2006-01-10·CVSS 7.5
CVE-2006-0162 [HIGH] CVE-2006-0162: Heap-based buffer overflow in libclamav/upx
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
No detection rules found.
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.htmlhttp://secunia.com/advisories/18379http://secunia.com/advisories/18453http://secunia.com/advisories/18463http://secunia.com/advisories/18478http://secunia.com/advisories/18548http://securityreason.com/securityalert/342http://securitytracker.com/id?1015457http://www.clamav.net/doc/0.88/ChangeLoghttp://www.debian.org/security/2006/dsa-947http://www.gentoo.org/security/en/glsa/glsa-200601-07.xmlhttp://www.kb.cert.org/vuls/id/385908http://www.mandriva.com/security/advisories?name=MDKSA-2006:016http://www.osvdb.org/22318http://www.securityfocus.com/bid/16191http://www.trustix.org/errata/2006/0002/http://www.vupen.com/english/advisories/2006/0116http://www.zerodayinitiative.com/advisories/ZDI-06-001.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24047http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.htmlhttp://secunia.com/advisories/18379http://secunia.com/advisories/18453http://secunia.com/advisories/18463http://secunia.com/advisories/18478http://secunia.com/advisories/18548http://securityreason.com/securityalert/342http://securitytracker.com/id?1015457http://www.clamav.net/doc/0.88/ChangeLoghttp://www.debian.org/security/2006/dsa-947http://www.gentoo.org/security/en/glsa/glsa-200601-07.xmlhttp://www.kb.cert.org/vuls/id/385908http://www.mandriva.com/security/advisories?name=MDKSA-2006:016http://www.osvdb.org/22318http://www.securityfocus.com/bid/16191http://www.trustix.org/errata/2006/0002/http://www.vupen.com/english/advisories/2006/0116http://www.zerodayinitiative.com/advisories/ZDI-06-001.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24047
2006-01-10
Published