Published: 05/07/2005 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The MS-Expand file handling in Clam AntiVirus (ClamAV) prior to 0.86 allows remote malicious users to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clam anti-virus clamav 0.85
clam anti-virus clamav 0.85.1
clam anti-virus clamav 0.81
clam anti-virus clamav 0.82
clam anti-virus clamav 0.84_rc1
clam anti-virus clamav 0.83
clam anti-virus clamav 0.84_rc2

A number of potential remote denial of service vulnerabilities have been identified in ClamAV In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvdc and libclamav/messagec Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true http://sourceforge.net/project/shownotes.php?release_id=336462 http://www.debian.org/security/2005/dsa-737 https://nvd.nist.gov https://www.debian.org/security/./dsa-737

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1922

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect