Debian ClamAV vulnerabilities

167 known vulnerabilities affecting debian/clamav.

Total CVEs: 167
CISA KEV: 0
Public exploits: 8
Exploited in wild: 0
Severity breakdown: CRITICAL 19, HIGH 41, MEDIUM 74, LOW 33

Vulnerabilities

CVE-2008-0318 | MEDIUM | CVSS 10.0 | fixed in clamav 0.92.1~dfsg-1 (bookworm) | 2008
CVE-2008-0318 [CRITICAL] clamav - Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Scope: local; bookworm: resolved (fixed in 0.92.1~dfsg-1); bullseye: resolved (fixed in 0.92.1~dfs
debian
CVE-2008-0314 | MEDIUM | CVSS 7.5 | fixed in clamav 0.92.1~dfsg2-1 (bookworm) | 2008
CVE-2008-0314 [HIGH] clamav - Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
Scope: local; bookworm: resolved (fixed in 0.92.1~dfsg2-1); bullseye: resolved (fixed in 0.92.1~dfsg2-1); forky: resolved (fixed in 0.92.1~dfsg2-1); sid: resolved (fixed in 0.92.1~dfsg2-1); t
debian
CVE-2008-1387 | MEDIUM | CVSS 4.3 | fixed in clamav 0.92.1~dfsg2-1 (bookworm) | 2008
CVE-2008-1387 [MEDIUM] clamav - ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Scope: local; bookworm: resolved (fixed in 0.92.1~dfsg2-1); bullseye: resolved (fixed in 0.92.1~dfsg2-1); forky: resolved (fixed in 0.92.1~dfsg2-1); sid: resolved (fixed in 0.92.1~dfsg2-1
debian
CVE-2008-3215 | MEDIUM | CVSS 5.0 | fixed in clamav 0.93.1.dfsg-1.1 (bookworm) | 2008
CVE-2008-3215 [MEDIUM] clamav - libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
Scope: local; bookworm: resolved (fixed in 0.93.1.dfsg-1.1); bullseye: resolved (fixed in 0.93.1.dfsg-1.1); forky: resolved (fixed
debian
CVE-2008-1833 | MEDIUM | CVSS 7.5 | fixed in clamav 0.92.1~dfsg2-1.1 (bookworm) | 2008
CVE-2008-1833 [HIGH] clamav - Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
Scope: local; bookworm: resolved (fixed in 0.92.1~dfsg2-1.1); bullseye: resolved (fixed in 0.92.1~dfsg2-1.1); forky: resolved (fixed in 0.92.1~dfsg2-1.1); sid: resolved (fixed in 0.92.1~dfsg2-1.1); trixie: resolved (fi
debian
CVE-2008-3913 | MEDIUM | CVSS 5.0 | fixed in clamav 0.94.dfsg-1 (bookworm) | 2008
CVE-2008-3913 [MEDIUM] clamav - Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
Scope: local; bookworm: resolved (fixed in 0.94.dfsg-1); bullseye: resolved (fixed in 0.94.dfsg-1); forky: resolved (fixed in 0.94.dfsg-1); sid: resolved (fixed in 0.94.dfsg-1
debian
CVE-2008-6845 | MEDIUM | CVSS 5.0 | fixed in clamav 0.94.dfsg-1 (bookworm) | 2008
CVE-2008-6845 [MEDIUM] clamav - The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
Scope: local; bookworm: resolved (fixed in 0.94.dfsg-1); bullseye: resolved (fixed in 0.94.dfsg-1); forky: resolved (fixed in 0.94.dfsg-1); sid: resolved (fixed in 0.94.dfsg-1); trixie: resolved (fixed in 0.94.dfsg-1)
debian
CVE-2008-1389 | MEDIUM | CVSS 5.0 | fixed in clamav 0.94.dfsg-1 (bookworm) | 2008
CVE-2008-1389 [MEDIUM] clamav - libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
Scope: local; bookworm: resolved (fixed in 0.94.dfsg-1); bullseye: resolved (fixed in 0.94.dfsg-1); forky: resolved (fixed in 0.94.dfsg-1); sid: resolved (fixed in 0.94.dfsg
debian
CVE-2008-5314 | MEDIUM | CVSS 4.3 | PoC | fixed in clamav 0.94.dfsg.2-1 (bookworm) | 2008
CVE-2008-5314 [MEDIUM] clamav - Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
Scope: local; bookworm: resolved (fixed in 0.94.dfsg.2-1); bullseye: resolved (fixed in 0.94.dfsg
debian
CVE-2008-6680 | MEDIUM | CVSS 5.0 | fixed in clamav 0.95.1+dfsg-1 (bookworm) | 2008
CVE-2008-6680 [MEDIUM] clamav - libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
Scope: local; bookworm: resolved (fixed in 0.95.1+dfsg-1); bullseye: resolved (fixed in 0.95.1+dfsg-1); forky: resolved (fixed in 0.95.1+dfsg-1); sid: resolved (fixed in 0.95.1+dfsg-1); trixie: resolved (fixed in 0.
debian
CVE-2008-1836 | LOW | CVSS 4.3 | 2008
CVE-2008-1836 [MEDIUM] clamav - The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2008-5525 | LOW | CVSS 7.6 | 2008
CVE-2008-5525 [HIGH] clamav - ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploi
debian
CVE-2008-2713 | LOW | CVSS 5.0 | fixed in clamav 0.93.1.dfsg-1.1 (bookworm) | 2008
CVE-2008-2713 [MEDIUM] clamav - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.
Scope: local; bookworm: resolved (fixed in 0.93.1.dfsg-1.1); bullseye: resolved (fixed in 0.93.1.dfsg-1.1); forky: resolved (fixed in 0.93.1.dfsg-1.1); sid: resolved (fixed in 0.93.1.dfsg-1.1); trixie: resolved (fix
debian
CVE-2008-1837 | LOW | CVSS 5.0 | 2008
CVE-2008-1837 [MEDIUM] clamav - libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2008-1835 | LOW | CVSS 5.0 | 2008
CVE-2008-1835 [MEDIUM] clamav - ClamAV before 0.93 allows remote attackers to bypass the scanning engine via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by WinRAR.
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2007-6337 | CRITICAL | CVSS 10.0 | fixed in clamav 0.92~dfsg-1~volatile2 (bookworm) | 2007
CVE-2007-6337 [CRITICAL] clamav - Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
Scope: local; bookworm: resolved (fixed in 0.92~dfsg-1~volatile2); bullseye: resolved (fixed in 0.92~dfsg-1~volatile2); forky: resolved (fixed in 0.92~dfsg-1~volatile2); sid: resolved (fixed in 0.92~dfsg-1~volatile2)
debian
CVE-2007-3023 | CRITICAL | CVSS 10.0 | fixed in clamav 0.90.3-1 (bookworm) | 2007
CVE-2007-3023 [CRITICAL] clamav - unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
Scope: local; bookworm: resolved (fixed in 0.90.3-1); bullseye: resolved (fixed in 0.90.3-1); forky: resolved (fixed in 0.90.3-1); sid: resolved (fixed in 0.90.3-1); trixie: resolved (fixed in 0.90.3-1)
debian
CVE-2007-6745 | CRITICAL | CVSS 9.8 | fixed in clamav 0.91.2-1~volatile1 (bookworm) | 2007
CVE-2007-6745 [CRITICAL] clamav - clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
Scope: local; bookworm: resolved (fixed in 0.91.2-1~volatile1); bullseye: resolved (fixed in 0.91.2-1~volatile1); forky: resolved (fixed in 0.91.2-1~volatile1); sid: resolved (fixed in 0.91.2-1~volatile1); trixie: resolved (fixed in 0.91.2-1~volatile1)
debian
CVE-2007-0899 | CRITICAL | CVSS 9.8 | fixed in clamav 0.90-1 (bookworm) | 2007
CVE-2007-0899 [CRITICAL] clamav - There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
Scope: local; bookworm: resolved (fixed in 0.90-1); bullseye: resolved (fixed in 0.90-1); forky: resolved (fixed in 0.90-1); sid: resolved (fixed in 0.90-1); trixie: resolved (fixed in 0.90-1)
debian
CVE-2007-1997 | HIGH | CVSS 7.5 | fixed in clamav 0.90.2-1 (bookworm) | 2007
CVE-2007-1997 [HIGH] clamav - Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allows remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow.
Scope: local; bookworm: resolved (fixed in 0.90.2-1
debian