| Vulnerability Name: | CVE-2006-4018 (CCN-28286) | ||||||||||||
| Assigned: | 2006-08-07 | ||||||||||||
| Published: | 2006-08-07 | ||||||||||||
| Updated: | 2018-10-17 | ||||||||||||
| Summary: | Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. This vulnerability is addressed in the following product release: Clam Anti-Virus, ClamAV, 0.88.4 | ||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)
7.8 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
| ||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2006-4018 Source: CONFIRM Type: UNKNOWN http://kolab.org/security/kolab-vendor-notice-10.txt Source: SECUNIA Type: Vendor Advisory 21368 Source: CCN Type: SA21374 Clam AntiVirus pefromupx() Buffer Overflow Vulnerability Source: SECUNIA Type: Vendor Advisory 21374 Source: SECUNIA Type: Vendor Advisory 21433 Source: SECUNIA Type: Vendor Advisory 21443 Source: SECUNIA Type: Vendor Advisory 21457 Source: CCN Type: SA21497 Kolab Server ClamAV Buffer Overflow Vulnerability Source: SECUNIA Type: Vendor Advisory 21497 Source: SECUNIA Type: Vendor Advisory 21562 Source: GENTOO Type: UNKNOWN GLSA-200608-13 Source: CCN Type: SECTRACK ID: 1016645 Clam AntiVirus Heap Overflow in pefromupx() in Processing UPX Files Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1016645 Source: CCN Type: SourceForge.net: Files Clam AntiVirus Source: CONFIRM Type: Exploit, Patch, Vendor Advisory http://www.clamav.net/security/0.88.4.html Source: DEBIAN Type: UNKNOWN DSA-1153 Source: DEBIAN Type: DSA-1153 clamav -- buffer overflow Source: CCN Type: GLSA-200608-13 ClamAV: Heap buffer overflow Source: MANDRIVA Type: UNKNOWN MDKSA-2006:138 Source: SUSE Type: UNKNOWN SUSE-SA:2006:046 Source: CCN Type: OSVDB ID: 27809 Clam AntiVirus UPX libclamav/upx.c pefromupx Function rsize Value Overflow Source: CCN Type: Overflow.pl Security Advisory #6 Clam AntiVirus Win32-UPX Heap Overflow Source: MISC Type: Exploit, Patch, Vendor Advisory http://www.overflow.pl/adv/clamav_upx_heap.txt Source: BUGTRAQ Type: UNKNOWN 20060809 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow Source: BID Type: UNKNOWN 19381 Source: CCN Type: BID-19381 Clam Anti-Virus ClamAV UPX Compressed PE File Heap Buffer Overflow Vulnerability Source: TRUSTIX Type: UNKNOWN 2006-0046 Source: VUPEN Type: Vendor Advisory ADV-2006-3175 Source: VUPEN Type: Vendor Advisory ADV-2006-3275 Source: XF Type: UNKNOWN clamav-pefromupx-bo(28286) Source: XF Type: UNKNOWN clamav-pefromupx-bo(28286) Source: SUSE Type: SUSE-SA:2006:046 clamav security problem | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||