Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2005-3500

Published: 05/11/2005 Updated: 08/03/2011
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Clamav

Vulnerability Summary

The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) prior to 0.87.1 allows remote malicious users to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.

Vulnerable Product Search on Vulmon Subscribe to Product

clam anti-virus clamav 0.23

clam anti-virus clamav 0.24

clam anti-virus clamav 0.67

clam anti-virus clamav 0.68

clam anti-virus clamav 0.75.1

clam anti-virus clamav 0.80

clam anti-virus clamav 0.86

clam anti-virus clamav 0.86.1

clam anti-virus clamav 0.21

clam anti-virus clamav 0.22

clam anti-virus clamav 0.60

clam anti-virus clamav 0.65

clam anti-virus clamav 0.74

clam anti-virus clamav 0.75

clam anti-virus clamav 0.85

clam anti-virus clamav 0.85.1

clam anti-virus clamav 0.15

clam anti-virus clamav 0.20

clam anti-virus clamav 0.53

clam anti-virus clamav 0.54

clam anti-virus clamav 0.71

clam anti-virus clamav 0.72

clam anti-virus clamav 0.73

clam anti-virus clamav 0.83

clam anti-virus clamav 0.84

clam anti-virus clamav 0.51

clam anti-virus clamav 0.52

clam anti-virus clamav 0.68.1

clam anti-virus clamav 0.70

clam anti-virus clamav 0.81

clam anti-virus clamav 0.82

clam anti-virus clamav 0.86.2

clam anti-virus clamav 0.87

Vendor Advisories

Debian Security Advisories: DSA-887-1 clamav -- several vulnerabilities
Several vulnerabilities have been discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3239 The OLE2 unpacker allows remote attackers to cause a segmentation fault ...

References

NVD-CWE-Otherhttp://www.idefense.com/application/poi/display?id=333&type=vulnerabilitieshttp://sourceforge.net/project/shownotes.php?release_id=368319http://secunia.com/advisories/17434http://www.debian.org/security/2005/dsa-887http://www.gentoo.org/security/en/glsa/glsa-200511-04.xmlhttp://www.securityfocus.com/bid/15316http://securitytracker.com/id?1015154http://secunia.com/advisories/17559http://secunia.com/advisories/17184http://secunia.com/advisories/17451http://secunia.com/advisories/17501http://www.osvdb.org/20483http://www.mandriva.com/security/advisories?name=MDKSA-2005:205http://securityreason.com/securityalert/152http://www.vupen.com/english/advisories/2005/2294https://nvd.nist.govhttps://www.debian.org/security/./dsa-887
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook