Vulnerability CVE-2006-1614: Information

Description

Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Severity: MEDIUM (5.1)

URL: https://nvd.nist.gov/vuln/detail/CVE-2006-1614

Published: April 7, 2006

Modified: Oct. 18, 2018

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://www.overflow.pl/adv/clamavupxinteger.txt	Exploit Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638	Patch
DSA-1024	Patch Vendor Advisory
17388
19534	Patch Vendor Advisory
19536	Patch Vendor Advisory
GLSA-200604-06
2006-0020
19570
SUSE-SA:2006:020
19608
19564
19567
24457
1015887
APPLE-SA-2006-05-11
TA06-132A	US Government Resource
20077
17951
http://up2date.astaro.com/2006/05/low_up2date_6202.html
23719
MDKSA-2006:067
ADV-2006-1779
ADV-2006-1258
clamav-pe-overflow(25660)
20060406 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration)

Affected configurations:
1. Configuration 1
  cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.68:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.67:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.54:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.53:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.60:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.68.1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.51:*:*:*:*:*:*:*
  cpe:2.3:a:clam_anti-virus:clamav:0.52:*:*:*:*:*:*:*

Version: v24.4.2

Vulnerability CVE-2006-1614: Information

Description

References to Advisories, Solutions, and Tools

Configuration 1