4.3

CVE-2010-1640

Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ClamavClamav Version0.96
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.89% 0.851
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/39895
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:110
http://www.vupen.com/english/advisories/2010/1214
Vendor Advisory
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236
http://www.openwall.com/lists/oss-security/2010/05/21/7
http://www.securityfocus.com/bid/40318
https://exchange.xforce.ibmcloud.com/vulnerabilities/58825
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031