CVE-2006-5295
published 2006-10-16CVE-2006-5295: Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML…
PriorityP424medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.47%
95.2th percentile
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | <= 0.88.4 | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rgw9-65gq-xj2f: Unspecified vulnerability in ClamAV before 0
ghsa_unreviewed·2022-05-01
CVE-2006-5295 [MEDIUM] GHSA-rgw9-65gq-xj2f: Unspecified vulnerability in ClamAV before 0
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
OSV
CVE-2006-5295: Unspecified vulnerability in ClamAV before 0
osv·2006-10-16·CVSS 5.0
CVE-2006-5295 [MEDIUM] CVE-2006-5295: Unspecified vulnerability in ClamAV before 0
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
Debian
CVE-2006-5295: clamav - Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cau...
vendor_debian·2006·CVSS 5.0
CVE-2006-5295 [MEDIUM] CVE-2006-5295: clamav - Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cau...
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
Scope: local
bookworm: resolved (fixed in 0.88.5-1)
bullseye: resolved (fixed in 0.88.5-1)
forky: resolved (fixed in 0.88.5-1)
sid: resolved (fixed in 0.88.5-1)
trixie: resolved (fixed in 0.88.5-1)
No detection rules found.
http://kolab.org/security/kolab-vendor-notice-13.txthttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423http://secunia.com/advisories/22370http://secunia.com/advisories/22421http://secunia.com/advisories/22488http://secunia.com/advisories/22498http://secunia.com/advisories/22537http://secunia.com/advisories/22551http://secunia.com/advisories/22626http://security.gentoo.org/glsa/glsa-200610-10.xmlhttp://securitytracker.com/id?1017068http://www.debian.org/security/2006/dsa-1196http://www.mandriva.com/security/advisories?name=MDKSA-2006:184http://www.novell.com/linux/security/advisories/2006_60_clamav.htmlhttp://www.securityfocus.com/bid/20537http://www.vupen.com/english/advisories/2006/4034http://www.vupen.com/english/advisories/2006/4136http://www.vupen.com/english/advisories/2006/4264https://exchange.xforce.ibmcloud.com/vulnerabilities/29608http://kolab.org/security/kolab-vendor-notice-13.txthttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423http://secunia.com/advisories/22370http://secunia.com/advisories/22421http://secunia.com/advisories/22488http://secunia.com/advisories/22498http://secunia.com/advisories/22537http://secunia.com/advisories/22551http://secunia.com/advisories/22626http://security.gentoo.org/glsa/glsa-200610-10.xmlhttp://securitytracker.com/id?1017068http://www.debian.org/security/2006/dsa-1196http://www.mandriva.com/security/advisories?name=MDKSA-2006:184http://www.novell.com/linux/security/advisories/2006_60_clamav.htmlhttp://www.securityfocus.com/bid/20537http://www.vupen.com/english/advisories/2006/4034http://www.vupen.com/english/advisories/2006/4136http://www.vupen.com/english/advisories/2006/4264https://exchange.xforce.ibmcloud.com/vulnerabilities/29608
2006-10-16
Published