CVE-2007-6336
Published: 2007-12-20
Priority: P3 · 34 · medium · CVSS 2.0 base score 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 4.21% (89.7th percentile)
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | <= 0.91 | — |
| clamav | clamav | >= 0 < 0.92~dfsg-1~volatile2 | 0.92~dfsg-1~volatile2 |
| debian | clamav | < clamav 0.92~dfsg-1~volatile2 (bookworm) | clamav 0.92~dfsg-1~volatile2 (bookworm) |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | MEDIUM | — |
| vendor_redhat | — | 6.8 | MEDIUM | — |
GHSA
GHSA-x7xv-pmf2-3f74: Off-by-one error in ClamAV before 0
ghsa_unreviewed · 2022-05-01 · CVE-2007-6336 [MEDIUM] · CWE-119
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
OSV
CVE-2007-6336: Off-by-one error in ClamAV before 0
osv · 2007-12-20 · CVSS 6.8 · CVE-2007-6336 [MEDIUM]
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
Red Hat
clamav: off-by-one in the MS-ZIP decompression code
vendor_redhat · 2007-12-19 · CVSS 6.8 · CVE-2007-6336 [MEDIUM] · CWE-193
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
Debian
CVE-2007-6336: clamav - Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitr...
vendor_debian · 2007 · CVSS 6.8 · CVE-2007-6336 [MEDIUM]
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
Scope: local
Status per release:
- bookworm: resolved (fixed in 0.92~dfsg-1~volatile2)
- bullseye: resolved (fixed in 0.92~dfsg-1~volatile2)
- forky: resolved (fixed in 0.92~dfsg-1~volatile2)
- sid: resolved (fixed in 0.92~dfsg-1~volatile2)
- trixie: resolved (fixed in 0.92~dfsg-1~volatile2)
No detection rules found.
No public exploits indexed.
References
- http://docs.info.apple.com/article.html?artnum=307562
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
- http://secunia.com/advisories/28153
- http://secunia.com/advisories/28176
- http://secunia.com/advisories/28278
- http://secunia.com/advisories/28412
- http://secunia.com/advisories/28421
- http://secunia.com/advisories/28587
- http://secunia.com/advisories/29420
- http://security.gentoo.org/glsa/glsa-200712-20.xml
- http://securitytracker.com/id?1019150
- http://www.debian.org/security/2007/dsa-1435
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:003
- http://www.securityfocus.com/bid/26946
- http://www.vupen.com/english/advisories/2008/0924/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39169
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html