Vulnerability CVE-2011-3627: Information

Description

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.

Severity: MEDIUM (4.3)

References to Advisories, Solutions, and Tools

1. Affected configurations:

   1. Configuration 1

      cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.97:rc:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*

      End including

      0.97.2

      ---

      cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96.5:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.97:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*

      ---