CVE-2008-6680 — Clamav vulnerability

CWE-18910 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

4.2%

top 11.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clamav Debian Clamav

Timeline

PublishedApr 8

Latest updateMay 17

Description

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/clamav< clamav 0.95.1+dfsg-1 (bookworm)

▶Debianclamav/clamav< 0.95.1+dfsg-1+3

▶NVDclamav/clamav0.94.2+3

🔴Vulnerability Details

GHSA

GHSA-8gp4-6h2g-rfv6: libclamav/pe↗2022-05-17

▶

OSV

CVE-2008-6680: libclamav/pe↗2009-04-08

▶

📋Vendor Advisories

Ubuntu

ClamAV vulnerabilities↗2009-04-07

▶

Debian

CVE-2008-6680: clamav - libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial o...↗2008

▶

Red Hat

clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)↗

▶

Red Hat

clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)↗

▶

Red Hat

clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)↗

▶

💬Community

Bugzilla

Clam AntiVirus: Multiple vulnerabilities↗2009-09-09

▶

Bugzilla

clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)↗2009-04-09

▶