Published: 16/10/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions prior to 0.88.5, allows remote malicious users to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clam anti-virus clamav 0.20
clam anti-virus clamav 0.21
clam anti-virus clamav 0.54
clam anti-virus clamav 0.60
clam anti-virus clamav 0.72
clam anti-virus clamav 0.73
clam anti-virus clamav 0.80_rc3
clam anti-virus clamav 0.80_rc4
clam anti-virus clamav 0.84_rc2
clam anti-virus clamav 0.85
clam anti-virus clamav 0.85.1
clam anti-virus clamav 0.88
clam anti-virus clamav 0.88.1
clam anti-virus clamav .
clam anti-virus clamav 0.15
clam anti-virus clamav 0.52
clam anti-virus clamav 0.53
clam anti-virus clamav 0.70
clam anti-virus clamav 0.71
clam anti-virus clamav 0.80_rc1
clam anti-virus clamav 0.80_rc2
clam anti-virus clamav 0.84
clam anti-virus clamav 0.84_rc1
clam anti-virus clamav 0.87
clam anti-virus clamav 0.87.1
clam anti-virus clamav 0.24
clam anti-virus clamav 0.51
clam anti-virus clamav 0.68
clam anti-virus clamav 0.68.1
clam anti-virus clamav 0.75.1
clam anti-virus clamav 0.80
clam anti-virus clamav 0.82
clam anti-virus clamav 0.83
clam anti-virus clamav 0.86.2
clam anti-virus clamav 0.86_rc1
clam anti-virus clamav 0.22
clam anti-virus clamav 0.23
clam anti-virus clamav 0.60p
clam anti-virus clamav 0.65
clam anti-virus clamav 0.67
clam anti-virus clamav 0.74
clam anti-virus clamav 0.75
clam anti-virus clamav 0.81
clam anti-virus clamav 0.81_rc1
clam anti-virus clamav 0.86
clam anti-virus clamav 0.86.1
clam anti-virus clamav 0.88.3
clam anti-virus clamav

Clam AntiVirus <= 0884 (rebuildpe) Remote Heap Overflow PoC Damian Put pucik[at]gazetapl pucik[@]overflowpl overflowpl githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/2587exebz2 (10172006-clam_petite_heapexebz2 # milw0rmcom [2006-10-17] ...

NVD-CWE-Other http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422 http://www.securityfocus.com/bid/20535 http://secunia.com/advisories/22370 http://www.novell.com/linux/security/advisories/2006_60_clamav.html http://securitytracker.com/id?1017068 http://secunia.com/advisories/22421 http://secunia.com/advisories/22498 http://kolab.org/security/kolab-vendor-notice-13.txt http://www.debian.org/security/2006/dsa-1196 http://secunia.com/advisories/22488 http://secunia.com/advisories/22537 http://security.gentoo.org/glsa/glsa-200610-10.xml http://secunia.com/advisories/22551 http://secunia.com/advisories/22626 http://www.kb.cert.org/vuls/id/180864 http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://www.us-cert.gov/cas/techalerts/TA06-333A.html http://secunia.com/advisories/23155 http://www.mandriva.com/security/advisories?name=MDKSA-2006:184 http://www.vupen.com/english/advisories/2006/4136 http://www.vupen.com/english/advisories/2006/4264 http://www.vupen.com/english/advisories/2006/4750 http://www.vupen.com/english/advisories/2006/4034 https://exchange.xforce.ibmcloud.com/vulnerabilities/29607 https://nvd.nist.gov https://www.exploit-db.com/exploits/2587/https://www.kb.cert.org/vuls/id/180864

CVE-2006-4182

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect