CVE-2007-6029
published 2007-11-20CVE-2007-6029: Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is…
PriorityP434high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.59%
83.4th percentile
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
| clam_anti-virus | clamav | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
clamav code execution via unspecified vulnerability
vendor_redhat·2007-11-15·CVSS 7.5
CVE-2007-6029 [HIGH] clamav code execution via unspecified vulnerability
clamav code execution via unspecified vulnerability
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
GHSA
GHSA-qhrg-96c8-3v5f: Unspecified vulnerability in ClamAV 0
ghsa_unreviewed·2022-05-01
CVE-2007-6029 [HIGH] CWE-94 GHSA-qhrg-96c8-3v5f: Unspecified vulnerability in ClamAV 0
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
No detection rules found.
No public exploits indexed.
http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.htmlhttp://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000069http://www.securityfocus.com/bid/26463http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.htmlhttp://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000069http://www.securityfocus.com/bid/26463
2007-11-20
Published