Debian Clamav vulnerabilities

CVE-2010-3434 [CRITICAL] CVE-2010-3434: clamav - Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in Clam... Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fixed in 0.96.3+dfsg-1) bullse

CVE-2010-4261 [HIGH] CVE-2010-4261: clamav - Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV be... Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fixed in 0.96.5+dfsg

CVE-2010-0405 [MEDIUM] CVE-2010-0405: bzip2 - Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and lib... Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file. Scope: local bookworm: resolved (fixed in 1.0.5-6) bullseye: resolved (fixed in 1.0.5-6) forky: resolved (fixed in 1.0.5-

CVE-2010-4479 [MEDIUM] CVE-2010-4479: clamav - Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows r... Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260. Scope: local bookworm: resolved (fixed in 0.96.5+dfsg-1) bullseye: resolved (fixed in 0.96.5+dfsg-1

CVE-2010-4260 [MEDIUM] CVE-2010-4260: clamav - Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96... Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396." Scope: local bookworm: resolved (fixed in 0.96.5+dfsg-1) bullseye: resolved (fixed in 0.96.5+dfsg-1) forky: reso

CVE-2010-1639 [MEDIUM] CVE-2010-1639: clamav - The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote at... The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. Scope: local bookworm: resolved (fixed in 0.96.1+dfsg-1) bullseye: resolved (fixed in 0.96.1+dfsg-1) forky: resolved (fixed in 0.9

CVE-2010-1640 [MEDIUM] CVE-2010-1640: clamav - Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.9... Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. Scope: local bookworm: resolved (fixed in 0.96.1+dfsg-1) bullseye: resolved (fixed in 0.96.1+dfsg-1) forky: resolved (fixe

CVE-2010-0058 [MEDIUM] CVE-2010-0058: clamav - freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has a... freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has an incorrect launchd.plist ProgramArguments key and consequently does not run, which might allow remote attackers to introduce viruses into the system. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2010-1311 [MEDIUM] CVE-2010-1311: clamav - The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows r... The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fixed in 0.96+dfsg-2)

CVE-2009-1372 [CRITICAL] CVE-2009-1372: clamav - Stack-based buffer overflow in the cli_url_canon function in libclamav/phishchec... Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. Scope: local bookworm: resolved (fixed in 0.95.1+dfsg-1) bullseye: resolved (fixed in 0.95.1+dfsg-1) forky: resolved (fixed in 0.95

CVE-2009-1241 [HIGH] CVE-2009-1241: clamav - Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypas... Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive. Scope: local bookworm: resolved (fixed in 0.95+dfsg-1) bullseye: resolved (fixed in 0.95+dfsg-1) forky: resolved (fixed in 0.95+dfsg-1) sid: resolved (fixed in 0.95+dfsg-1) trixie: resolved (fixed in 0.95+dfsg-1)

CVE-2009-1371 [MEDIUM] CVE-2009-1371: clamav - The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows r... The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding. Scope: local bookworm: resolved (fixed in 0.95.1+dfsg-1) bullseye: resolved (fixed in 0.95.1+dfsg-1) forky: resolved (fixed in 0.95.1+dfsg-1) sid: resolved (fixed in 0.95.1+dfsg-1) t

CVE-2009-1270 [HIGH] CVE-2009-1270: clamav - libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denia... libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang. Scope: local bookworm: resolved (fixed in 0.95.1+dfsg-1) bullseye: resolved (fixed in 0.95.1+dfsg-1) forky: resolved (fixed in 0.95.1+dfsg-1) sid: resolved (fixed in 0.95.1+dfsg-1) trixie: re

CVE-2009-1601 [MEDIUM] CVE-2009-1601: clamav - The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu... The Ubuntu clamav-milter.init script in clamav-milter before 0.95.1+dfsg-1ubuntu1.2 in Ubuntu 9.04 sets the ownership of the current working directory to the clamav account, which might allow local users to bypass intended access restrictions via read or write operations involving this directory. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid:

CVE-2009-3736 [MEDIUM] CVE-2009-3736: bochs - ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham ... ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2008-0728 [CRITICAL] CVE-2008-0728: clamav - The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has... The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption." Scope: local bookworm: resolved (fixed in 0.92.1~dfsg-1) bullseye: resolved (fixed in 0.92.1~dfsg-1) forky: resolved (fixed in 0.92.1~dfsg-1) sid: resolved (fixed in 0.92.1~dfsg-1) trixie: resolved (fixed in 0.92.1~dfsg-

CVE-2008-5050 [CRITICAL] CVE-2008-5050: clamav - Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in C... Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 0.94.dfsg.1-1) bullseye: resolved

CVE-2008-1100 [CRITICAL] CVE-2008-1100: clamav - Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for Cla... Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. Scope: local bookworm: resolved (fixed in 0.92.1~dfsg2-1) bullseye: resolved (fixed in 0.92.1~dfsg2-1) forky: resolved (fixed in 0.92.1~dfsg2-1) sid: resolved (fixed in 0.92.1~dfsg2-1) tri

CVE-2008-3914 [CRITICAL] CVE-2008-3914: clamav - Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact a... Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c. Scope: local bookworm: resolved (fixed in 0.94.dfsg-1) bullseye: resolved (fixed in 0.94.dfsg-1) forky: resolved (fixed in 0.94.dfsg-1) sid: resolved (fixed in 0.94.

CVE-2008-3912 [MEDIUM] CVE-2008-3912: clamav - libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (N... libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. Scope: local bookworm: resolved (fixed in 0.94.dfsg-1) bullseye: resolved (fixed in 0.94.dfsg-1) forky: resolved (fixed in 0.94.dfsg-1) sid: resolved (fixed in 0.94.dfsg-1) trixie: resolved (