CVE-2006-1614
published 2006-04-06CVE-2006-1614: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is…
PriorityP431medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
7.63%
93.8th percentile
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3fxc-8qq3-cq6g: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe
ghsa_unreviewed·2022-05-01
CVE-2006-1614 [MEDIUM] GHSA-3fxc-8qq3-cq6g: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
OSV
CVE-2006-1614: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe
osv·2006-04-06·CVSS 5.1
CVE-2006-1614 [MEDIUM] CVE-2006-1614: Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Debian
CVE-2006-1614: clamav - Integer overflow in the cli_scanpe function in the PE header parser (libclamav/p...
vendor_debian·2006·CVSS 5.1
CVE-2006-1614 [MEDIUM] CVE-2006-1614: clamav - Integer overflow in the cli_scanpe function in the PE header parser (libclamav/p...
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Scope: local
bookworm: resolved (fixed in 0.88.1-1)
bullseye: resolved (fixed in 0.88.1-1)
forky: resolved (fixed in 0.88.1-1)
sid: resolved (fixed in 0.88.1-1)
trixie: resolved (fixed in 0.88.1-1)
No detection rules found.
No public exploits indexed.
http://lists.apple.com/archives/security-announce/2006/May/msg00003.htmlhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.htmlhttp://secunia.com/advisories/19534http://secunia.com/advisories/19536http://secunia.com/advisories/19564http://secunia.com/advisories/19567http://secunia.com/advisories/19570http://secunia.com/advisories/19608http://secunia.com/advisories/20077http://secunia.com/advisories/23719http://securitytracker.com/id?1015887http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638http://up2date.astaro.com/2006/05/low_up2date_6202.htmlhttp://www.debian.org/security/2006/dsa-1024http://www.gentoo.org/security/en/glsa/glsa-200604-06.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:067http://www.osvdb.org/24457http://www.overflow.pl/adv/clamavupxinteger.txthttp://www.securityfocus.com/archive/1/430405/100/0/threadedhttp://www.securityfocus.com/bid/17388http://www.securityfocus.com/bid/17951http://www.trustix.org/errata/2006/0020http://www.us-cert.gov/cas/techalerts/TA06-132A.htmlhttp://www.vupen.com/english/advisories/2006/1258http://www.vupen.com/english/advisories/2006/1779https://exchange.xforce.ibmcloud.com/vulnerabilities/25660http://lists.apple.com/archives/security-announce/2006/May/msg00003.htmlhttp://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.htmlhttp://secunia.com/advisories/19534http://secunia.com/advisories/19536http://secunia.com/advisories/19564http://secunia.com/advisories/19567http://secunia.com/advisories/19570http://secunia.com/advisories/19608http://secunia.com/advisories/20077http://secunia.com/advisories/23719http://securitytracker.com/id?1015887http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638http://up2date.astaro.com/2006/05/low_up2date_6202.htmlhttp://www.debian.org/security/2006/dsa-1024http://www.gentoo.org/security/en/glsa/glsa-200604-06.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:067http://www.osvdb.org/24457http://www.overflow.pl/adv/clamavupxinteger.txthttp://www.securityfocus.com/archive/1/430405/100/0/threadedhttp://www.securityfocus.com/bid/17388http://www.securityfocus.com/bid/17951http://www.trustix.org/errata/2006/0020http://www.us-cert.gov/cas/techalerts/TA06-132A.htmlhttp://www.vupen.com/english/advisories/2006/1258http://www.vupen.com/english/advisories/2006/1779https://exchange.xforce.ibmcloud.com/vulnerabilities/25660
2006-04-06
Published