Ubuntu
clamav package

[clamav] remote vulnerabilities in versions before 0.92

Bug #180285 reported by disabled.user on 2008-01-04

This bug report is a duplicate of: Bug #177537: Remote Code Execution. Edit Remove

254

Affects		Status	Importance	Assigned to	Milestone
	clamav (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: clamav

References:
DSA DSA-1435-1 (http://www.debian.org/security/2007/dsa-1435)

Quoting:
"Several remote vulnerabilities have been discovered in the Clam
anti-virus toolkit. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2007-6335

It was discovered that an integer overflow in the decompression code
for MEW archives may lead to the execution of arbitrary code.

CVE-2007-6336

It was discovered that on off-by-one in the MS-ZIP decompression
code may lead to the execution of arbitrary code."

CVE References

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicate of bug #177537 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuclamav package