Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2006-5295

Published: 16/10/2006 Updated: 20/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Clam Anti-virus

Vulnerability Summary

Unspecified vulnerability in ClamAV prior to 0.88.5 allows remote malicious users to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."

Vulnerable Product Search on Vulmon Subscribe to Product

clam anti-virus clamav 0.15

clam anti-virus clamav 0.20

clam anti-virus clamav 0.21

clam anti-virus clamav 0.54

clam anti-virus clamav 0.60

clam anti-virus clamav 0.71

clam anti-virus clamav 0.72

clam anti-virus clamav 0.80_rc2

clam anti-virus clamav 0.80_rc3

clam anti-virus clamav 0.80_rc4

clam anti-virus clamav 0.84_rc2

clam anti-virus clamav 0.85

clam anti-virus clamav 0.87.1

clam anti-virus clamav 0.88

clam anti-virus clamav .

clam anti-virus clamav 0.52

clam anti-virus clamav 0.53

clam anti-virus clamav 0.68.1

clam anti-virus clamav 0.70

clam anti-virus clamav 0.80

clam anti-virus clamav 0.80_rc1

clam anti-virus clamav 0.84

clam anti-virus clamav 0.84_rc1

clam anti-virus clamav 0.86_rc1

clam anti-virus clamav 0.87

clam anti-virus clamav 0.22

clam anti-virus clamav 0.23

clam anti-virus clamav 0.60p

clam anti-virus clamav 0.65

clam anti-virus clamav 0.73

clam anti-virus clamav 0.74

clam anti-virus clamav 0.81

clam anti-virus clamav 0.81_rc1

clam anti-virus clamav 0.85.1

clam anti-virus clamav 0.86

clam anti-virus clamav 0.88.1

clam anti-virus clamav 0.88.3

clam anti-virus clamav 0.24

clam anti-virus clamav 0.51

clam anti-virus clamav 0.67

clam anti-virus clamav 0.68

clam anti-virus clamav 0.75

clam anti-virus clamav 0.75.1

clam anti-virus clamav 0.82

clam anti-virus clamav 0.83

clam anti-virus clamav 0.86.1

clam anti-virus clamav 0.86.2

clam anti-virus clamav

Exploits

Exploit DB: Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)
#!/usr/bin/perl # # Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability # Took Damian Put's poc and shortened it just a little # All credits to Damian Put (pucik[at]gazetapl) (pucik[@]overflowpl) wwwoverflowpl # /str0ke my $clam = "\x49\x54\x53\x46\x03\x00\x00\x00\x60\x00\x00\x00\x01\x00\x00\x00\x4E\x77\xBC\x98\x15\x04\x00\x00\x10 ...

References

NVD-CWE-Otherhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423http://www.securityfocus.com/bid/20537http://secunia.com/advisories/22370http://www.novell.com/linux/security/advisories/2006_60_clamav.htmlhttp://securitytracker.com/id?1017068http://secunia.com/advisories/22421http://secunia.com/advisories/22498http://kolab.org/security/kolab-vendor-notice-13.txthttp://www.debian.org/security/2006/dsa-1196http://secunia.com/advisories/22488http://secunia.com/advisories/22537http://security.gentoo.org/glsa/glsa-200610-10.xmlhttp://secunia.com/advisories/22551http://secunia.com/advisories/22626http://www.mandriva.com/security/advisories?name=MDKSA-2006:184http://www.vupen.com/english/advisories/2006/4264http://www.vupen.com/english/advisories/2006/4136http://www.vupen.com/english/advisories/2006/4034https://exchange.xforce.ibmcloud.com/vulnerabilities/29608https://nvd.nist.govhttps://www.exploit-db.com/exploits/2586/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook