CVE-2007-3725
published 2007-07-12
CVE-2007-3725: The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR…
Priority P4 · 18 · medium · 4.3 (CVSS 2.0)
AV:N/AC:M/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 7.69% (93.8th percentile)
The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.
Affected
59 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
CVSS provenance
nvd · v2.0 · 4.3 MEDIUM · AV:N/AC:M/Au:N/C:N/I:N/A:P
osv · 4.3 MEDIUM
vendor_debian · 4.3 MEDIUM
Debian
CVE-2007-3725: clamav - The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assist...
vendor_debian·2007·CVSS 4.3
Scope: local
bookworm: resolved (fixed in 0.91-1)
bullseye: resolved (fixed in 0.91-1)
forky: resolved (fixed in 0.91-1)
sid: resolved (fixed in 0.91-1)
trixie: resolved (fixed in 0.91-1)
GHSA
GHSA-hjxc-gvpm-wh37: The RAR VM (unrarvm
ghsa_unreviewed·2022-05-01
OSV
CVE-2007-3725: The RAR VM (unrarvm
osv·2007-07-12·CVSS 4.3
No detection rules found.
No writeups or analysis indexed.
http://docs.info.apple.com/article.html?artnum=307562
http://kolab.org/security/kolab-vendor-notice-16.txt
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064569.html
http://osvdb.org/36907
http://secunia.com/advisories/26038
http://secunia.com/advisories/26164
http://secunia.com/advisories/26209
http://secunia.com/advisories/26226
http://secunia.com/advisories/26231
http://secunia.com/advisories/26377
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200708-04.xml
http://www.debian.org/security/2007/dsa-1340
http://www.mandriva.com/security/advisories?name=MDKSA-2007:150
http://www.metaeye.org/advisories/54
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.securityfocus.com/archive/1/473371/100/0/threaded
http://www.trustix.org/errata/2007/0023/
http://www.vupen.com/english/advisories/2007/2509
http://www.vupen.com/english/advisories/2007/2643
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/35367
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=555
Published: 2007-07-12