Showing 1 - 4 of 4

CVE-2008-2713

Status Candidate

Overview

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

Related Files

Gentoo Linux Security Advisory 200808-7: Posted Aug 8, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200808-07 - Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Versions less than 0.93.3 are affected.; tags | advisory; systems | linux, gentoo; advisories | CVE-2007-6595, CVE-2008-2713, CVE-2008-3215; SHA-256 | 72e5ff72652f3e908577cc6bcfb0e2b935ef32a1138deaa2c92eaaa5dc59473b; Download | Favorite | View

Debian Linux Security Advisory 1616-2: Posted Jul 28, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1616-2 - This update corrects a packaging and build error in the packages released in DSA-1616-1. Those packages, while functional, did not actually apply the fix intended. This update restores the fix to the package build; no other changes are introduced. Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.; tags | advisory, virus; systems | linux, windows, debian; advisories | CVE-2008-2713; SHA-256 | 51275dc8498a1260ec4a99764c2986c3d3164b4dc36a15ff51cec45f58d14d6a; Download | Favorite | View

Debian Linux Security Advisory 1616-1: Posted Jul 24, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1616-1 - Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.; tags | advisory, virus; systems | linux, windows, debian; advisories | CVE-2008-2713; SHA-256 | 53d2d5e8934a297dfc89e1f10ffc3e070c9fb65df9d21b132165a4b8f84908d5; Download | Favorite | View

Mandriva Linux Security Advisory 2008-122: Posted Jun 24, 2008; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.; tags | advisory, remote, denial of service; systems | linux, mandriva; advisories | CVE-2008-2713; SHA-256 | 17bd9bb761ecff369db4fa511c9daeab0f092c0a076ba06f5c71e302cdc39736; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 288 files
Ubuntu 93 files
Gentoo 29 files
indoushka 26 files
Debian 13 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
S. Dietz 2 files
jheysel-r7 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

CVE-2008-2713

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems