CVE-2008-5050 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Anti-virus Clamav

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193 — Off-by-one Error CWE-122 — Heap-based Buffer Overflow8 documents8 sources

Severity

9.3CRITICALNVD

EPSS

12.3%

top 6.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clamav Clam Anti-virus Clamav

Timeline

PublishedNov 13

Latest updateMay 14

Description

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDclam_anti-virus/clamav0.94+81

▶Debianclamav/clamav< 0.94.dfsg.1-1+3

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-594g-rvq4-vvxr: Off-by-one error in the get_unicode_name function (libclamav/vba_extract↗2022-05-14

▶

CVEList

CVE-2008-5050: Off-by-one error in the get_unicode_name function (libclamav/vba_extract↗2008-11-13

▶

OSV

CVE-2008-5050: Off-by-one error in the get_unicode_name function (libclamav/vba_extract↗2008-11-13

▶

📋Vendor Advisories

Ubuntu

ClamAV vulnerability↗2008-11-17

▶

Debian

CVE-2008-5050: clamav - Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in C...↗2008

▶

Red Hat

clamav: get_unicode_name() off-by-one buffer overflow (< 0.94.1)↗

▶

💬Community

Bugzilla

CVE-2008-5050 clamav: get_unicode_name() off-by-one buffer overflow (< 0.94.1)↗2008-11-10

▶