CVE-2006-6406
Published: 2006-12-10
Priority: P4 · 24 · medium · CVSS 2.0 score 5
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS: 3.08% (86.0th percentile)
Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
| clamav | clamav | >= 0 < 0.88.7-1 | 0.88.7-1 |
| clamav | clamav | >= 0 < 0.88.7-1 | 0.88.7-1 |
| clamav | clamav | >= 0 < 0.88.7-1 | 0.88.7-1 |
| clamav | clamav | >= 0 < 0.88.7-1 | 0.88.7-1 |
| debian | clamav | < clamav 0.88.7-1 (bookworm) | clamav 0.88.7-1 (bookworm) |
CVSS provenance
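| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | LOW | — |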
GHSA
ghsa_unreviewed·2022-05-01
CVE-2006-6406 [MEDIUM] GHSA-xqx5-63qm-w35c: Clam AntiVirus (ClamAV) 0
GHSA
ghsa_unreviewed·2022-05-01·CVSS 5.0
CVE-2006-6481 [MEDIUM] GHSA-qpvm-hm98-hw68: Clam AntiVirus (ClamAV) 0
Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.
OSV
osv·2006-12-12·CVSS 5.0
CVE-2006-6481 [MEDIUM] CVE-2006-6481: Clam AntiVirus (ClamAV) 0
OSV
osv·2006-12-10·CVSS 5.0
CVE-2006-6406 [MEDIUM] CVE-2006-6406: Clam AntiVirus (ClamAV) 0
Debian
vendor_debian·2006·CVSS 5.0
CVE-2006-6406 [MEDIUM] CVE-2006-6406: clamav - Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection...
Scope: local
bookworm: resolved (fixed in 0.88.7-1)
bullseye: resolved (fixed in 0.88.7-1)
forky: resolved (fixed in 0.88.7-1)
sid: resolved (fixed in 0.88.7-1)
trixie: resolved (fixed in 0.88.7-1)
Debian
vendor_debian·2006·CVSS 5.0
CVE-2006-6481 [MEDIUM] CVE-2006-6481: clamav - Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of serv...
Scope: local
bookworm: resolved (fixed in 0.88.7-1)
bullseye: resolved (fixed in 0.88.7-1)
forky: resolved (fixed in 0.88.7-1)
sid: resolved (fixed in 0.88.7-1)
trixie: resolved (fixed in 0.88.7-1)
No detection rules found.
No public exploits indexed.
http://kolab.org/security/kolab-vendor-notice-14.txt
http://secunia.com/advisories/23362
http://secunia.com/advisories/23379
http://secunia.com/advisories/23411
http://secunia.com/advisories/23460
http://www.debian.org/security/2006/dsa-1238
http://www.mandriva.com/security/advisories?name=MDKSA-2006:230
http://www.novell.com/linux/security/advisories/2006_78_clamav.html
http://www.quantenblog.net/security/virus-scanner-bypass
http://www.securityfocus.com/archive/1/453654/100/0/threaded
http://www.securityfocus.com/bid/21461
http://www.vupen.com/english/advisories/2006/4948
http://www.vupen.com/english/advisories/2006/5113