Back to search
CVE-2011-1003
Published: Feb 23, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1025100
vdb-entry
x_refsource_SECTRACK
46470
vdb-entry
x_refsource_BID
70937
vdb-entry
x_refsource_OSVDB
[oss-security] 20110221 clamav 0.97
mailing-list
x_refsource_MLIST
clamav-vbareadprojectstrings-dos(65544)
vdb-entry
x_refsource_XF
ADV-2011-0458
vdb-entry
x_refsource_VUPEN
43752
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0453
vdb-entry
x_refsource_VUPEN
SUSE-SR:2011:005
vendor-advisory
x_refsource_SUSE
MDVA-2011:007
vendor-advisory
x_refsource_MANDRIVA
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486
x_refsource_CONFIRM
ADV-2011-0523
vdb-entry
x_refsource_VUPEN
FEDORA-2011-2743
vendor-advisory
x_refsource_FEDORA
USN-1076-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20110221 Re: clamav 0.97
mailing-list
x_refsource_MLIST
FEDORA-2011-2741
vendor-advisory
x_refsource_FEDORA
43392
third-party-advisory
x_refsource_SECUNIA
43498
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now