CVE-2008-0318
Published: 2008-02-12
CVE-2008-0318: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and…
Priority: P3 · 43 · critical · 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 7.88% (94.0th percentile)
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | <= 0.92 | — |
| clamav | clamav | >= 0 < 0.92.1~dfsg-1 | 0.92.1~dfsg-1 |
| clamav | clamav | >= 0 < 0.92.1~dfsg-1 | 0.92.1~dfsg-1 |
| clamav | clamav | >= 0 < 0.92.1~dfsg-1 | 0.92.1~dfsg-1 |
| clamav | clamav | >= 0 < 0.92.1~dfsg-1 | 0.92.1~dfsg-1 |
| debian | clamav | < clamav 0.92.1~dfsg-1 (bookworm) | clamav 0.92.1~dfsg-1 (bookworm) |
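CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| osv | — | 10.0 | CRITICAL | — |
| vendor_debian | — | 10.0 | MEDIUM | — |
| vendor_redhat | — | 10.0 | CRITICAL | — |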
Red Hat
Gnumeric: untrusted python modules search path
vendor_redhat·2008-08-06·CVSS 6.9
CVE-2009-0318 [MEDIUM] Gnumeric: untrusted python modules search path
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Debian
CVE-2008-0318: clamav - Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1...
vendor_debian·2008·CVSS 10.0
CVE-2008-0318 [CRITICAL] CVE-2008-0318: clamav - Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1...
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 0.92.1~dfsg-1)
bullseye: resolved (fixed in 0.92.1~dfsg-1)
forky: resolved (fixed in 0.92.1~dfsg-1)
sid: resolved (fixed in 0.92.1~dfsg-1)
trixie: resolved (fixed in 0.92.1~dfsg-1)
Red Hat
clamav: Integer overflow in libclamav
vendor_redhat·CVSS 10.0
CVE-2008-0318 [CRITICAL] clamav: Integer overflow in libclamav
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
GHSA
GHSA-4q4c-x269-7rpf: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0
ghsa_unreviewed·2022-05-01
CVE-2008-0318 [HIGH] GHSA-4q4c-x269-7rpf: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
OSV
CVE-2008-0318: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0
osv·2008-02-12·CVSS 10.0
CVE-2008-0318 [CRITICAL] CVE-2008-0318: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2008-0318 clamav: Integer overflow in libclamav
bugzilla·2008-02-14·CVSS 10.0
CVE-2008-0318 [CRITICAL] CVE-2008-0318 clamav: Integer overflow in libclamav
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0318 to the following vulnerability:
Integer overflow in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
References:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658
http://sourceforge.net/project/shownotes.php?release_id=575703
Discussion:
Fedora 7, 8 and devel were all upgraded to clamav 0.92.1.
---
*** Bug 432624 has been marked as a duplicate of this bug. ***
Bugzilla
Further ClamAV libclamav PE File Integer Overflow Vulnerability
bugzilla·2008-02-13·CVSS 10.0
[CRITICAL] Further ClamAV libclamav PE File Integer Overflow Vulnerability
Description of problem:
Remote exploitation of an integer overflow vulnerability in Clam AntiVirus'
ClamAV, as included in various vendors' operating system distributions, allows
attackers to execute arbitrary code with the privileges of the affected
process.
The vulnerability exists within the code responsible for parsing and scanning
PE files. While iterating through all sections contained in the PE file,
several attacker controlled values are extracted from the file. On each
iteration, arithmetic operations are performed without taking into
consideration 32-bit integer wrap.
Since insufficient integer overflow checks are present, an attacker can cause
a heap overflow by causing a specially crafted Petite packed PE binary
http://bugs.gentoo.org/show_bug.cgi?id=209915
http://docs.info.apple.com/article.html?artnum=307562
http://kolab.org/security/kolab-vendor-notice-19.txt
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/28907
http://secunia.com/advisories/28913
http://secunia.com/advisories/28949
http://secunia.com/advisories/29001
http://secunia.com/advisories/29026
http://secunia.com/advisories/29048
http://secunia.com/advisories/29060
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200802-09.xml
http://securitytracker.com/id?1019394
http://sourceforge.net/project/shownotes.php?release_id=575703
http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html
http://www.debian.org/security/2008/dsa-1497
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://www.securityfocus.com/bid/27751
http://www.vupen.com/english/advisories/2008/0503
http://www.vupen.com/english/advisories/2008/0606
http://www.vupen.com/english/advisories/2008/0924/references
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00462.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00481.html
2008-02-12
Published