QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-4510

Back to search

CVE-2007-4510

Published: Aug 23, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

VendorProductVersions

n/a

n/a

affected
n/a

References

clamav-rtf-dos(36173)
vdb-entry
x_refsource_XF
GLSA-200709-14
vendor-advisory
x_refsource_GENTOO
26552
third-party-advisory
x_refsource_SECUNIA
26822
third-party-advisory
x_refsource_SECUNIA
26916
third-party-advisory
x_refsource_SECUNIA
25398
vdb-entry
x_refsource_BID
26683
third-party-advisory
x_refsource_SECUNIA
FEDORA-2007-2050
vendor-advisory
x_refsource_FEDORA
DSA-1366
vendor-advisory
x_refsource_DEBIAN
3054
third-party-advisory
x_refsource_SREASON
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
26530
third-party-advisory
x_refsource_SECUNIA
2007-0026
vendor-advisory
x_refsource_TRUSTIX
29420
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2007:018
vendor-advisory
x_refsource_SUSE
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
26751
third-party-advisory
x_refsource_SECUNIA
26654
third-party-advisory
x_refsource_SECUNIA
clamav-clihtmlnormalise-dos(36177)
vdb-entry
x_refsource_XF
MDKSA-2007:172
vendor-advisory
x_refsource_MANDRIVA
ADV-2007-2952
vdb-entry
x_refsource_VUPEN
26674
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now