// For flags

CVE-2007-6335

ClamAV 0.91.2 - libclamav MEW PE Buffer Overflow

Severity Score

9.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

Desbordamiento de buffer en libclamav en ClamAV , en versiones anteriores a la 0.92. Permite que atacantes remotos ejecuten código a su elección, a través de un fichero PE empaquetado con MEW, lo que provoca un desboramiento de buffer en el heap(pila de datos dinámicos).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-12-13 CVE Reserved
  • 2007-12-20 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-189: Numeric Errors
CAPEC
References (23)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=307562 X_refsource_confirm
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634 Third Party Advisory
http://secunia.com/advisories/28153 Third Party Advisory
http://secunia.com/advisories/28176 Third Party Advisory
http://secunia.com/advisories/28278 Third Party Advisory
http://secunia.com/advisories/28412 Third Party Advisory
http://secunia.com/advisories/28421 Third Party Advisory
http://secunia.com/advisories/28587 Third Party Advisory
http://secunia.com/advisories/29420 Third Party Advisory
http://www.securityfocus.com/bid/26927 Vdb Entry
http://www.securitytracker.com/id?1019112 Vdb Entry
http://www.vupen.com/english/advisories/2007/4253 Vdb Entry
http://www.vupen.com/english/advisories/2008/0924/references Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/39119 Vdb Entry
URL Date SRC
https://www.exploit-db.com/exploits/4862 2024-08-07
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html 2017-09-29
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html 2017-09-29
http://secunia.com/advisories/28117 2017-09-29
http://security.gentoo.org/glsa/glsa-200712-20.xml 2017-09-29
http://www.debian.org/security/2007/dsa-1435 2017-09-29
http://www.mandriva.com/security/advisories?name=MDVSA-2008:003 2017-09-29
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html 2017-09-29
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html 2017-09-29
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Clam Anti-virus
Search vendor "Clam Anti-virus"
 Clamav
Search vendor "Clam Anti-virus" for product "Clamav"
 <= 0.92
Search vendor "Clam Anti-virus" for product "Clamav" and version " <= 0.92"
-
Affected