Vulnerability Name:

CVE-2006-5874 (CCN-30911)

Assigned:2006-12-09
Published:2006-12-09
Updated:2010-09-15
Summary:Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2006-5874

Source: SECUNIA
Type: UNKNOWN
23327

Source: SECUNIA
Type: UNKNOWN
23362

Source: SECUNIA
Type: UNKNOWN
23411

Source: CCN
Type: SourceForge.net: Files
Clam AntiVirus - File Release Notes and Changelog - Release Name: 0.88.7

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-1232

Source: DEBIAN
Type: DSA-1232
clamav -- missing sanity checks

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:230

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:078

Source: CCN
Type: OSVDB ID: 31282
Clam AntiVirus Invalid Base64 MIME Attachment DoS

Source: CCN
Type: OSVDB ID: 31283
Clam AntiVirus Layered Base64 MIME Encoding DoS

Source: BID
Type: UNKNOWN
21510

Source: CCN
Type: BID-21510
Clam Anti-Virus MIME Attachments Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
clamav-mime-dos(30911)

Source: SUSE
Type: SUSE-SA:2006:078
clamav security update

Vulnerable Configuration:Configuration 1:
  • cpe:/a:clam_anti-virus:clamav:.:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.81_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.86_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:*:*:*:*:*:*:*:* (Version <= 0.88)

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20065874
    V
    		CVE-2006-5874
    2022-06-30
    oval:org.opensuse.security:def:42281
    P
    		Security update for curl (Moderate)
    2022-05-13
    oval:org.opensuse.security:def:112078
    P
    		clamav-0.103.3-1.4 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:31752
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:31755
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:26224
    P
    		Security update for libvirt (Important)
    2022-01-05
    oval:org.opensuse.security:def:33061
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31713
    P
    		Security update for clamav (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:32230
    P
    		Security update for xen (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:31708
    P
    		Security update for webkit2gtk3 (Important)
    2021-11-23
    oval:org.opensuse.security:def:31308
    P
    		Security update for postgresql96 (Important)
    2021-11-22
    oval:org.opensuse.security:def:26156
    P
    		Security update for open-lldp (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:26142
    P
    		Security update for apache2 (Important)
    2021-10-06
    oval:org.opensuse.security:def:105621
    P
    		clamav-0.103.3-1.4 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:32174
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:31664
    P
    		Security update for cpio (Important)
    2021-08-14
    oval:org.opensuse.security:def:32161
    P
    		Security update for cpio (Important)
    2021-08-14
    oval:org.opensuse.security:def:26103
    P
    		Security update for the Linux Kernel (Important)
    2021-08-10
    oval:org.opensuse.security:def:31231
    P
    		Security update for the Linux Kernel (Important)
    2021-07-22
    oval:org.opensuse.security:def:31650
    P
    		Security update for arpwatch (Important)
    2021-06-28
    oval:org.opensuse.security:def:31651
    P
    		Security update for libsolv (Important)
    2021-06-28
    oval:org.opensuse.security:def:26073
    P
    		Security update for libjpeg-turbo (Moderate)
    2021-06-11
    oval:org.opensuse.security:def:32117
    P
    		Security update for caribou (Important)
    2021-06-10
    oval:org.opensuse.security:def:36098
    P
    		clamav-0.98.7-0.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42505
    P
    		clamav-0.98.7-0.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42084
    P
    		Security update for qemu (Important)
    2021-06-08
    oval:org.opensuse.security:def:32095
    P
    		Security update for libxml2 (Important)
    2021-05-19
    oval:org.opensuse.security:def:31157
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:31608
    P
    		Security update for xen (Important)
    2021-04-19
    oval:org.opensuse.security:def:31145
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:31146
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:31363
    P
    		Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:32279
    P
    		Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31365
    P
    		Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31353
    P
    		Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:26200
    P
    		Security update for glibc (Moderate)
    2021-02-25
    oval:org.opensuse.security:def:31342
    P
    		Security update for screen (Important)
    2021-02-17
    oval:org.opensuse.security:def:31341
    P
    		Security update for jasper (Important)
    2021-02-16
    oval:org.opensuse.security:def:33022
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31216
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:26054
    P
    		Security update for flac (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:32838
    P
    		Security update for openexr (Moderate)
    2020-12-23
    oval:org.opensuse.security:def:32018
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:31565
    P
    		Security update for openssl (Important)
    2020-12-11
    oval:org.opensuse.security:def:32007
    P
    		Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:31084
    P
    		Security update for postgresql12 (Important)
    2020-12-04
    oval:org.opensuse.security:def:35530
    P
    		clamav-0.96-0.12.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31559
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:41937
    P
    		clamav-0.96-0.12.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35677
    P
    		clamav-0.97.3-0.2.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35874
    P
    		clamav-0.97.7-0.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25659
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25989
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26326
    P
    		Security update for MozillaThunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27061
    P
    		xorg-x11-libxcb-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30999
    P
    		Security update for IBM Java
    2020-12-01
    oval:org.opensuse.security:def:31818
    P
    		Security update for audiofile (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31921
    P
    		Security update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:31427
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31795
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:31576
    P
    		Security update for sudo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31931
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:25093
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25423
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25760
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26495
    P
    		Security update for phpMyAdmin (Important)
    2020-12-01
    oval:org.opensuse.security:def:25229
    P
    		Security update for dbus-1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25513
    P
    		Security update for java-11-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:25858
    P
    		Security update for util-linux (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26004
    P
    		Security update for shotwell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25424
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25628
    P
    		Security update for dpdk (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26001
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25723
    P
    		Security update for apache2-mod_auth_openidc (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26365
    P
    		Security update of chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:27096
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31010
    P
    		Security update for IBM Java
    2020-12-01
    oval:org.opensuse.security:def:32456
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31455
    P
    		Security update for postgresql10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31811
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31965
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31951
    P
    		Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32318
    P
    		Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25157
    P
    		Security update for shibboleth-sp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25507
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25799
    P
    		Security update for gcc48 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26530
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25240
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25570
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:25907
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26642
    P
    		sysstat on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25425
    P
    		Security update for bluez (Important)
    2020-12-01
    oval:org.opensuse.security:def:25709
    P
    		Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25647
    P
    		Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25851
    P
    		Security update for freerdp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26379
    P
    		Security update for irssi (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31452
    P
    		Security update for postgresql10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32495
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31512
    P
    		Recommended update for python 2.7 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31860
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32603
    P
    		squid on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31564
    P
    		Security update for squid3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31782
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32340
    P
    		Security update for socat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25081
    P
    		Security update for libarchive (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25285
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:25658
    P
    		Security update for liblouis (Low)
    2020-12-01
    oval:org.opensuse.security:def:25813
    P
    		Security update for libssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25304
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25654
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25946
    P
    		Security update for gnome-shell (Low)
    2020-12-01
    oval:org.opensuse.security:def:26677
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25436
    P
    		Security update for libgcrypt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25766
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:26838
    P
    		w3m on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25648
    P
    		Security update for python36 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25932
    P
    		Security update for gstreamer-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26277
    P
    		Security update for libreoffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26423
    P
    		Security update for opencv (Important)
    2020-12-01
    oval:org.opensuse.security:def:30998
    P
    		Security update for jasper (Low)
    2020-12-01
    oval:org.opensuse.security:def:31774
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31599
    P
    		Security update for tiff (Low)
    2020-12-01
    oval:org.opensuse.security:def:31899
    P
    		Security update for MozillaFirefox, firefox-glib2, firefox-gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32642
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32056
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:32799
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31874
    P
    		Security update for cyrus-imapd (Important)
    2020-12-01
    oval:org.opensuse.security:def:32384
    P
    		Security update for tiff (Low)
    2020-12-01
    oval:org.opensuse.security:def:25082
    P
    		Security update for ncurses (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25366
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:25711
    P
    		Security update for python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25857
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25228
    P
    		Security update for LibreOffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25432
    P
    		Security update for ibus (Important)
    2020-12-01
    oval:org.opensuse.security:def:25805
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:25960
    P
    		Security update for gimp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25500
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25850
    P
    		Security update for libreoffice (Low)
    2020-12-01
    oval:org.opensuse.security:def:26873
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.debian:def:1232
    V
    		missing sanity checks
    2006-12-09
    BACK
    clam_anti-virus clamav .
    clam_anti-virus clamav 0.80
    clam_anti-virus clamav 0.80_rc1
    clam_anti-virus clamav 0.80_rc2
    clam_anti-virus clamav 0.80_rc3
    clam_anti-virus clamav 0.80_rc4
    clam_anti-virus clamav 0.81
    clam_anti-virus clamav 0.81_rc1
    clam_anti-virus clamav 0.82
    clam_anti-virus clamav 0.83
    clam_anti-virus clamav 0.84
    clam_anti-virus clamav 0.84_rc1
    clam_anti-virus clamav 0.84_rc2
    clam_anti-virus clamav 0.85
    clam_anti-virus clamav 0.85.1
    clam_anti-virus clamav 0.86
    clam_anti-virus clamav 0.86.1
    clam_anti-virus clamav 0.86.2
    clam_anti-virus clamav 0.86_rc1
    clam_anti-virus clamav 0.87
    clam_anti-virus clamav 0.87.1
    clam_anti-virus clamav *