5
CVE-2008-1835
- EPSS 4.03%
- Veröffentlicht 16.04.2008 16:05:00
- Zuletzt bearbeitet 16.06.2026 22:52:35
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clam Anti-virus ≫ Clamav Version <= 0.92.1
Clam Anti-virus ≫ Clamav Version0.15
Clam Anti-virus ≫ Clamav Version0.20
Clam Anti-virus ≫ Clamav Version0.21
Clam Anti-virus ≫ Clamav Version0.22
Clam Anti-virus ≫ Clamav Version0.23
Clam Anti-virus ≫ Clamav Version0.24
Clam Anti-virus ≫ Clamav Version0.51
Clam Anti-virus ≫ Clamav Version0.52
Clam Anti-virus ≫ Clamav Version0.53
Clam Anti-virus ≫ Clamav Version0.54
Clam Anti-virus ≫ Clamav Version0.60
Clam Anti-virus ≫ Clamav Version0.60p
Clam Anti-virus ≫ Clamav Version0.65
Clam Anti-virus ≫ Clamav Version0.67
Clam Anti-virus ≫ Clamav Version0.68
Clam Anti-virus ≫ Clamav Version0.68.1
Clam Anti-virus ≫ Clamav Version0.70
Clam Anti-virus ≫ Clamav Version0.71
Clam Anti-virus ≫ Clamav Version0.72
Clam Anti-virus ≫ Clamav Version0.73
Clam Anti-virus ≫ Clamav Version0.74
Clam Anti-virus ≫ Clamav Version0.75
Clam Anti-virus ≫ Clamav Version0.75.1
Clam Anti-virus ≫ Clamav Version0.80
Clam Anti-virus ≫ Clamav Version0.80_rc1
Clam Anti-virus ≫ Clamav Version0.80_rc2
Clam Anti-virus ≫ Clamav Version0.80_rc3
Clam Anti-virus ≫ Clamav Version0.80_rc4
Clam Anti-virus ≫ Clamav Version0.81
Clam Anti-virus ≫ Clamav Version0.81_rc1
Clam Anti-virus ≫ Clamav Version0.82
Clam Anti-virus ≫ Clamav Version0.83
Clam Anti-virus ≫ Clamav Version0.84
Clam Anti-virus ≫ Clamav Version0.84_rc1
Clam Anti-virus ≫ Clamav Version0.84_rc2
Clam Anti-virus ≫ Clamav Version0.85
Clam Anti-virus ≫ Clamav Version0.85.1
Clam Anti-virus ≫ Clamav Version0.86
Clam Anti-virus ≫ Clamav Version0.86.1
Clam Anti-virus ≫ Clamav Version0.86.2
Clam Anti-virus ≫ Clamav Version0.86_rc1
Clam Anti-virus ≫ Clamav Version0.87
Clam Anti-virus ≫ Clamav Version0.87.1
Clam Anti-virus ≫ Clamav Version0.88
Clam Anti-virus ≫ Clamav Version0.88.1
Clam Anti-virus ≫ Clamav Version0.88.3
Clam Anti-virus ≫ Clamav Version0.88.4
Clam Anti-virus ≫ Clamav Version0.88.5
Clam Anti-virus ≫ Clamav Version0.88.6
Clam Anti-virus ≫ Clamav Version0.88.7
Clam Anti-virus ≫ Clamav Version0.90
Clam Anti-virus ≫ Clamav Version0.90.1
Clam Anti-virus ≫ Clamav Version0.90.2
Clam Anti-virus ≫ Clamav Version0.90_rc1.1
Clam Anti-virus ≫ Clamav Version0.90_rc2
Clam Anti-virus ≫ Clamav Version0.90_rc3
Clam Anti-virus ≫ Clamav Version0.90rc1
Clam Anti-virus ≫ Clamav Version0.91
Clam Anti-virus ≫ Clamav Version0.91.1
Clam Anti-virus ≫ Clamav Version0.91.2
Clam Anti-virus ≫ Clamav Version0.91rc1
Clam Anti-virus ≫ Clamav Version0.91rc2
Clam Anti-virus ≫ Clamav Version0.92
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.03% | 0.893 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html
http://secunia.com/advisories/29891
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
http://secunia.com/advisories/31882
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
http://www.vupen.com/english/advisories/2008/2584
http://secunia.com/advisories/30328
http://security.gentoo.org/glsa/glsa-200805-19.xml
http://www.securityfocus.com/bid/28784
http://secunia.com/advisories/31576
http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41874
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=541