Back to search
CVE-2007-0897
Published: Feb 16, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
22580
vdb-entry
x_refsource_BID
clamav-cabfile-dos(32531)
vdb-entry
x_refsource_XF
24187
third-party-advisory
x_refsource_SECUNIA
24192
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
32283
vdb-entry
x_refsource_OSVDB
DSA-1263
vendor-advisory
x_refsource_DEBIAN
29420
third-party-advisory
x_refsource_SECUNIA
24332
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
24425
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2007:017
vendor-advisory
x_refsource_SUSE
GLSA-200703-03
vendor-advisory
x_refsource_GENTOO
MDKSA-2007:043
vendor-advisory
x_refsource_MANDRIVA
24319
third-party-advisory
x_refsource_SECUNIA
20070215 Multiple Vendor ClamAV CAB File Denial of Service Vulnerability
third-party-advisory
x_refsource_IDEFENSE
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
24183
third-party-advisory
x_refsource_SECUNIA
1017659
vdb-entry
x_refsource_SECTRACK
ADV-2007-0623
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now