Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2007-6595

Published: 31/12/2007 Updated: 15/10/2018
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Clamav

Vulnerability Summary

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.

Vulnerable Product Search on Vulmon Subscribe to Product

clam anti-virus clamav 0.92

Vendor Advisories

Debian CVElist Bug Report Logs: Clamav vulnerable to symlink attack
Debian Bug report logs - #458532 Clamav vulnerable to symlink attack Package: clamav; Maintainer for clamav is ClamAV Team <pkg-clamav-devel@listsaliothdebianorg>; Source for clamav is src:clamav (PTS, buildd, popcon) Reported by: Neil McGovern <neilm@debianorg> Date: Tue, 1 Jan 2008 14:03:02 UTC Severity: impo ...

References

CWE-59http://www.securityfocus.com/bid/27064http://securitytracker.com/id?1019148http://securityreason.com/securityalert/3501http://kolab.org/security/kolab-vendor-notice-19.txthttp://www.debian.org/security/2008/dsa-1497http://secunia.com/advisories/28949http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:088http://secunia.com/advisories/29891http://secunia.com/advisories/31437http://security.gentoo.org/glsa/glsa-200808-07.xmlhttp://www.vupen.com/english/advisories/2008/0606https://exchange.xforce.ibmcloud.com/vulnerabilities/39339https://exchange.xforce.ibmcloud.com/vulnerabilities/39335http://www.securityfocus.com/archive/1/485631/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458532https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook