10

CVE-2008-0728

The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ClamavClamav Version <= 0.92
ClamavClamav Version0.01
ClamavClamav Version0.02
ClamavClamav Version0.3
ClamavClamav Version0.03
ClamavClamav Version0.05
ClamavClamav Version0.8 Updaterc3
ClamavClamav Version0.9 Updaterc1
ClamavClamav Version0.10
ClamavClamav Version0.12
ClamavClamav Version0.13
ClamavClamav Version0.14
ClamavClamav Version0.14 Updatepre
ClamavClamav Version0.15
ClamavClamav Version0.20
ClamavClamav Version0.21
ClamavClamav Version0.22
ClamavClamav Version0.23
ClamavClamav Version0.24
ClamavClamav Version0.51
ClamavClamav Version0.52
ClamavClamav Version0.53
ClamavClamav Version0.54
ClamavClamav Version0.60
ClamavClamav Version0.60p
ClamavClamav Version0.65
ClamavClamav Version0.66
ClamavClamav Version0.67
ClamavClamav Version0.67-1
ClamavClamav Version0.68
ClamavClamav Version0.68.1
ClamavClamav Version0.70
ClamavClamav Version0.70 Updaterc
ClamavClamav Version0.71
ClamavClamav Version0.72
ClamavClamav Version0.73
ClamavClamav Version0.74
ClamavClamav Version0.75
ClamavClamav Version0.75.1
ClamavClamav Version0.80
ClamavClamav Version0.80 Updaterc
ClamavClamav Version0.80 Updaterc1
ClamavClamav Version0.80 Updaterc2
ClamavClamav Version0.80 Updaterc3
ClamavClamav Version0.80 Updaterc4
ClamavClamav Version0.80_rc
ClamavClamav Version0.81
ClamavClamav Version0.81 Updaterc1
ClamavClamav Version0.82
ClamavClamav Version0.83
ClamavClamav Version0.84
ClamavClamav Version0.84 Updaterc1
ClamavClamav Version0.84 Updaterc2
ClamavClamav Version0.85
ClamavClamav Version0.85.1
ClamavClamav Version0.86
ClamavClamav Version0.86 Updaterc1
ClamavClamav Version0.86.1
ClamavClamav Version0.86.2
ClamavClamav Version0.87
ClamavClamav Version0.87.1
ClamavClamav Version0.88
ClamavClamav Version0.88.1
ClamavClamav Version0.88.2
ClamavClamav Version0.88.3
ClamavClamav Version0.88.4
ClamavClamav Version0.88.5
ClamavClamav Version0.88.6
ClamavClamav Version0.88.7
ClamavClamav Version0.88.7_p0
ClamavClamav Version0.88.7_p1
ClamavClamav Version0.90
ClamavClamav Version0.90 Updaterc1
ClamavClamav Version0.90 Updaterc1.1
ClamavClamav Version0.90 Updaterc2
ClamavClamav Version0.90 Updaterc3
ClamavClamav Version0.90.1
ClamavClamav Version0.90.1_p0
ClamavClamav Version0.90.2
ClamavClamav Version0.90.2_p0
ClamavClamav Version0.90.3
ClamavClamav Version0.90.3_p0
ClamavClamav Version0.90.3_p1
ClamavClamav Version0.91
ClamavClamav Version0.91 Updaterc1
ClamavClamav Version0.91 Updaterc2
ClamavClamav Version0.91.1
ClamavClamav Version0.91.2
ClamavClamav Version0.91.2_p0
ClamavClamav Version0.92_p0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.82% 0.847
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://www.vupen.com/english/advisories/2008/0924/references
Vendor Advisory
http://secunia.com/advisories/29420
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/29048
Vendor Advisory
http://kolab.org/security/kolab-vendor-notice-19.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://www.vupen.com/english/advisories/2008/0606
Vendor Advisory
http://bugs.gentoo.org/show_bug.cgi?id=209915
http://secunia.com/advisories/28907
Vendor Advisory
http://secunia.com/advisories/29001
Vendor Advisory
http://secunia.com/advisories/29026
Vendor Advisory
http://secunia.com/advisories/29060
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200802-09.xml
http://sourceforge.net/project/shownotes.php?release_id=575703
Patch
http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html
http://www.vupen.com/english/advisories/2008/0503
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/40474