Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-1989

Published: 01/05/2006 Updated: 20/07/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Clam Anti-virus

Vulnerability Summary

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

Vulnerable Product Search on Vulmon Subscribe to Product

clam anti-virus clamav 0.88.1

clam anti-virus clamav 0.88

Vendor Advisories

Debian Security Advisories: DSA-1050-1 clamav -- buffer overflow
Ulf Härnhammar and an anonymous researcher from Germany discovered a vulnerability in the protocol code of freshclam, a command line utility responsible for downloading and installing virus signature updates for ClamAV, the antivirus scanner for Unix This could lead to a denial of service or potentially the execution of arbitrary code The old st ...

References

NVD-CWE-Otherhttp://www.clamav.net/security/0.88.2.htmlhttp://www.securityfocus.com/bid/17754http://secunia.com/advisories/19880http://www.debian.org/security/2006/dsa-1050http://www.gentoo.org/security/en/glsa/glsa-200605-03.xmlhttp://www.osvdb.org/25120http://secunia.com/advisories/19912http://secunia.com/advisories/19963http://www.trustix.org/errata/2006/0024http://secunia.com/advisories/19874http://secunia.com/advisories/19964http://kolab.org/security/kolab-vendor-notice-09.txthttp://lists.suse.com/archive/suse-security-announce/2006-May/0004.htmlhttp://secunia.com/advisories/20159http://secunia.com/advisories/20117http://www.novell.com/linux/security/advisories/2006_05_05.htmlhttp://lists.apple.com/archives/security-announce/2006/Jun/msg00000.htmlhttp://www.kb.cert.org/vuls/id/599220http://securitytracker.com/id?1016392http://secunia.com/advisories/20877http://www.mandriva.com/security/advisories?name=MDKSA-2006:080http://www.vupen.com/english/advisories/2006/1586http://www.vupen.com/english/advisories/2006/2566https://exchange.xforce.ibmcloud.com/vulnerabilities/26182https://www.debian.org/security/./dsa-1050https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/599220
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook