Date: Tue, 17 Apr 2007 10:55:33 +0400 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: freebsd-security@freebsd.org Subject: VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow Message-ID: <20070417065533.GL26348@codelabs.ru>
next in thread | raw e-mail | index | archive | help
--oYAXToTM8kn9Ra/9 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Good day. Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports, but no sign of the issue in the VuXML. The entry is attached. One thing that is a bit strange is that the ChangeLog for the ClamAV (http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are messed the numbers -- there is no such CVE, at least I failed to find it via cve.mitre.org: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 But the CVE-2007-1870 is a candidate and has no relevant information, so I am not 100% sure about the correct number. -- Eygene --oYAXToTM8kn9Ra/9 Content-Type: text/plain; charset=koi8-r Content-Disposition: attachment; filename="vuln.xml" <vuln vid="unknown"> <topic>clamav -- CAB File Unstore Buffer Overflow Vulnerability</topic> <affects> <package> <name>clamav</name> <range><ge>0.90rc3</ge><lt>0.90.2</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>iDefense Security Advisory 04.16.07:</p> <blockquote cite="http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513"> <p>Remote exploitation of a buffer overflow vulnerability in Clam AntiVirus' ClamAV allows attackers to execute arbitrary code with the privileges of the affected process.</p> <p>Successful exploitation of this vulnerability results in code execution with the privileges of the process using libclamav.</p> <p>In the case of the clamd program, this will result in executing code with the privileges of the clamav user. Unsuccessful exploitation results in the clamd process crashing.</p> </blockquote> </body> </description> <references> <cvename>CVE-2007-1870</cvename> <url>http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513</url> <url>http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog</url> </references> <dates> <discovery>2007-04-14</discovery> </dates> </vuln> --oYAXToTM8kn9Ra/9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070417065533.GL26348>