Vulnerability-Lookup

CVE-2008-1100 (GCVE-0-2008-1100)

Vulnerability from cvelistv5 – Published: 2008-04-14 16:00 – Updated: 2024-08-07 08:08

Summary

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

Severity ?

No CVSS data available.

CWE

Assigner

flexera

References

URL

Tags

	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/29000	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200805-19.xml	vendor-advisoryx_refsource_GENTOO
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/29891	third-party-advisoryx_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	third-party-advisoryx_refsource_CERT
	http://secunia.com/secunia_research/2008-11/advisory/	x_refsource_MISC
	http://www.securityfocus.com/bid/28784	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2008/2584	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/31882	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29975	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29863	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/30328	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/28756	vdb-entryx_refsource_BID
	http://secunia.com/advisories/29886	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1019837	vdb-entryx_refsource_SECTRACK
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.kb.cert.org/vuls/id/858595	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/30253	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-updates/2015-0…	vendor-advisoryx_refsource_SUSE
	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.vupen.com/english/advisories/2008/1218…	vdb-entryx_refsource_VUPEN
	http://www.debian.org/security/2008/dsa-1549	vendor-advisoryx_refsource_DEBIAN
	http://kolab.org/security/kolab-vendor-notice-20.txt	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.680Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2008:088",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
          },
          {
            "name": "FEDORA-2008-3900",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
          },
          {
            "name": "29000",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29000"
          },
          {
            "name": "GLSA-200805-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
          },
          {
            "name": "APPLE-SA-2008-09-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
          },
          {
            "name": "29891",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29891"
          },
          {
            "name": "TA08-260A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-11/advisory/"
          },
          {
            "name": "28784",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28784"
          },
          {
            "name": "ADV-2008-2584",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "name": "31882",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "name": "29975",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29975"
          },
          {
            "name": "29863",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29863"
          },
          {
            "name": "30328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30328"
          },
          {
            "name": "28756",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28756"
          },
          {
            "name": "29886",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29886"
          },
          {
            "name": "1019837",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019837"
          },
          {
            "name": "FEDORA-2008-3420",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
          },
          {
            "name": "clamav-cliscanpe-bo(41789)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
          },
          {
            "name": "VU#858595",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/858595"
          },
          {
            "name": "30253",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30253"
          },
          {
            "name": "openSUSE-SU-2015:0906",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
          },
          {
            "name": "SUSE-SA:2008:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
          },
          {
            "name": "FEDORA-2008-3358",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
          },
          {
            "name": "ADV-2008-1218",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1218/references"
          },
          {
            "name": "DSA-1549",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01.000Z",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "MDVSA-2008:088",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
        },
        {
          "name": "FEDORA-2008-3900",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
        },
        {
          "name": "29000",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29000"
        },
        {
          "name": "GLSA-200805-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
        },
        {
          "name": "APPLE-SA-2008-09-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
        },
        {
          "name": "29891",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29891"
        },
        {
          "name": "TA08-260A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-11/advisory/"
        },
        {
          "name": "28784",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28784"
        },
        {
          "name": "ADV-2008-2584",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2584"
        },
        {
          "name": "31882",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31882"
        },
        {
          "name": "29975",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29975"
        },
        {
          "name": "29863",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29863"
        },
        {
          "name": "30328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30328"
        },
        {
          "name": "28756",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28756"
        },
        {
          "name": "29886",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29886"
        },
        {
          "name": "1019837",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019837"
        },
        {
          "name": "FEDORA-2008-3420",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
        },
        {
          "name": "clamav-cliscanpe-bo(41789)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
        },
        {
          "name": "VU#858595",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/858595"
        },
        {
          "name": "30253",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30253"
        },
        {
          "name": "openSUSE-SU-2015:0906",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
        },
        {
          "name": "SUSE-SA:2008:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
        },
        {
          "name": "FEDORA-2008-3358",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
        },
        {
          "name": "ADV-2008-1218",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1218/references"
        },
        {
          "name": "DSA-1549",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-1100",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2008:088",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
            },
            {
              "name": "FEDORA-2008-3900",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
            },
            {
              "name": "29000",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29000"
            },
            {
              "name": "GLSA-200805-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
            },
            {
              "name": "APPLE-SA-2008-09-15",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
            },
            {
              "name": "29891",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29891"
            },
            {
              "name": "TA08-260A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-11/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-11/advisory/"
            },
            {
              "name": "28784",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28784"
            },
            {
              "name": "ADV-2008-2584",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2584"
            },
            {
              "name": "31882",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31882"
            },
            {
              "name": "29975",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29975"
            },
            {
              "name": "29863",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29863"
            },
            {
              "name": "30328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30328"
            },
            {
              "name": "28756",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28756"
            },
            {
              "name": "29886",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29886"
            },
            {
              "name": "1019837",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019837"
            },
            {
              "name": "FEDORA-2008-3420",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
            },
            {
              "name": "clamav-cliscanpe-bo(41789)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
            },
            {
              "name": "VU#858595",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/858595"
            },
            {
              "name": "30253",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30253"
            },
            {
              "name": "openSUSE-SU-2015:0906",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
            },
            {
              "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878",
              "refsource": "CONFIRM",
              "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
            },
            {
              "name": "SUSE-SA:2008:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
            },
            {
              "name": "FEDORA-2008-3358",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
            },
            {
              "name": "ADV-2008-1218",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1218/references"
            },
            {
              "name": "DSA-1549",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1549"
            },
            {
              "name": "http://kolab.org/security/kolab-vendor-notice-20.txt",
              "refsource": "CONFIRM",
              "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-1100",
    "datePublished": "2008-04-14T16:00:00.000Z",
    "dateReserved": "2008-02-29T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:08:57.680Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2008-1100

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

Aliases

CVE-2008-1100

Aliases

CVE-2008-1100

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-1100",
    "description": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.",
    "id": "GSD-2008-1100",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-1100.html",
      "https://www.debian.org/security/2008/dsa-1549"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-1100"
      ],
      "details": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.",
      "id": "GSD-2008-1100",
      "modified": "2023-12-13T01:23:03.230170Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2008-1100",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "MDVSA-2008:088",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
          },
          {
            "name": "FEDORA-2008-3900",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
          },
          {
            "name": "29000",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29000"
          },
          {
            "name": "GLSA-200805-19",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
          },
          {
            "name": "APPLE-SA-2008-09-15",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
          },
          {
            "name": "29891",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29891"
          },
          {
            "name": "TA08-260A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
          },
          {
            "name": "http://secunia.com/secunia_research/2008-11/advisory/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2008-11/advisory/"
          },
          {
            "name": "28784",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28784"
          },
          {
            "name": "ADV-2008-2584",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "name": "31882",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "name": "29975",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29975"
          },
          {
            "name": "29863",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29863"
          },
          {
            "name": "30328",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30328"
          },
          {
            "name": "28756",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28756"
          },
          {
            "name": "29886",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29886"
          },
          {
            "name": "1019837",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019837"
          },
          {
            "name": "FEDORA-2008-3420",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
          },
          {
            "name": "clamav-cliscanpe-bo(41789)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
          },
          {
            "name": "VU#858595",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/858595"
          },
          {
            "name": "30253",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30253"
          },
          {
            "name": "openSUSE-SU-2015:0906",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
          },
          {
            "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878",
            "refsource": "CONFIRM",
            "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
          },
          {
            "name": "SUSE-SA:2008:024",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
          },
          {
            "name": "FEDORA-2008-3358",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
          },
          {
            "name": "ADV-2008-1218",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1218/references"
          },
          {
            "name": "DSA-1549",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1549"
          },
          {
            "name": "http://kolab.org/security/kolab-vendor-notice-20.txt",
            "refsource": "CONFIRM",
            "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-1100"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secunia.com/secunia_research/2008-11/advisory/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2008-11/advisory/"
            },
            {
              "name": "28756",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28756"
            },
            {
              "name": "29000",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29000"
            },
            {
              "name": "1019837",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019837"
            },
            {
              "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
            },
            {
              "name": "http://kolab.org/security/kolab-vendor-notice-20.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
            },
            {
              "name": "DSA-1549",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1549"
            },
            {
              "name": "VU#858595",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/858595"
            },
            {
              "name": "29863",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29863"
            },
            {
              "name": "SUSE-SA:2008:024",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
            },
            {
              "name": "FEDORA-2008-3358",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
            },
            {
              "name": "FEDORA-2008-3420",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
            },
            {
              "name": "FEDORA-2008-3900",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
            },
            {
              "name": "MDVSA-2008:088",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
            },
            {
              "name": "28784",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28784"
            },
            {
              "name": "29891",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29891"
            },
            {
              "name": "29886",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29886"
            },
            {
              "name": "29975",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29975"
            },
            {
              "name": "30253",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30253"
            },
            {
              "name": "30328",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30328"
            },
            {
              "name": "APPLE-SA-2008-09-15",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
            },
            {
              "name": "31882",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31882"
            },
            {
              "name": "GLSA-200805-19",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
            },
            {
              "name": "TA08-260A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
            },
            {
              "name": "ADV-2008-1218",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1218/references"
            },
            {
              "name": "ADV-2008-2584",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/2584"
            },
            {
              "name": "openSUSE-SU-2015:0906",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
            },
            {
              "name": "clamav-cliscanpe-bo(41789)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:29Z",
      "publishedDate": "2008-04-14T16:05Z"
    }
  }
}

GHSA-FJ93-3FQ7-589R

Vulnerability from github – Published: 2022-05-01 23:36 – Updated: 2025-04-09 03:53

Details

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-1100"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-04-14T16:05:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.",
  "id": "GHSA-fj93-3fq7-589r",
  "modified": "2025-04-09T03:53:34Z",
  "published": "2022-05-01T23:36:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1100"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
    },
    {
      "type": "WEB",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
    },
    {
      "type": "WEB",
      "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29000"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29863"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29886"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29891"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29975"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30253"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30328"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2008-11/advisory"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1549"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/858595"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28756"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28784"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019837"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1218/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-AVI-463

Vulnerability from certfr_avis - Published: 2008-09-16 - Updated: 2008-09-16

None

Description

De multiples vulnérabilités ont été corrigées dans Mac OS X. Celles-ci permettent notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Mac OS X Server versions antérieures à 10.5.5.
	N/A	N/A	Mac OS X versions antérieures à 10.5.5 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 2008-006

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X Server versions ant\u00e9rieures \u00e0 10.5.5.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X versions ant\u00e9rieures \u00e0 10.5.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Mac OS X. Celles-ci\npermettent notamment \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3608"
    },
    {
      "name": "CVE-2008-2376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2376"
    },
    {
      "name": "CVE-2008-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2332"
    },
    {
      "name": "CVE-2008-1483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1483"
    },
    {
      "name": "CVE-2008-1835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1835"
    },
    {
      "name": "CVE-2008-3618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3618"
    },
    {
      "name": "CVE-2008-2331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2331"
    },
    {
      "name": "CVE-2008-1382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1382"
    },
    {
      "name": "CVE-2008-3617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3617"
    },
    {
      "name": "CVE-2008-1100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1100"
    },
    {
      "name": "CVE-2008-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2329"
    },
    {
      "name": "CVE-2008-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3610"
    },
    {
      "name": "CVE-2008-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3215"
    },
    {
      "name": "CVE-2008-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
    },
    {
      "name": "CVE-2008-2713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2713"
    },
    {
      "name": "CVE-2008-3622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3622"
    },
    {
      "name": "CVE-2008-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1447"
    },
    {
      "name": "CVE-2008-2305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2305"
    },
    {
      "name": "CVE-2008-3619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3619"
    },
    {
      "name": "CVE-2008-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1387"
    },
    {
      "name": "CVE-2008-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2330"
    },
    {
      "name": "CVE-2008-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2312"
    },
    {
      "name": "CVE-2008-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3616"
    },
    {
      "name": "CVE-2008-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1833"
    },
    {
      "name": "CVE-2008-0314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0314"
    },
    {
      "name": "CVE-2008-1657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1657"
    },
    {
      "name": "CVE-2008-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1836"
    },
    {
      "name": "CVE-2008-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3609"
    },
    {
      "name": "CVE-2008-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3613"
    },
    {
      "name": "CVE-2008-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3621"
    },
    {
      "name": "CVE-2008-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1837"
    },
    {
      "name": "CVE-2008-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3611"
    },
    {
      "name": "CVE-2008-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3614"
    }
  ],
  "initial_release_date": "2008-09-16T00:00:00",
  "last_revision_date": "2008-09-16T00:00:00",
  "links": [],
  "reference": "CERTA-2008-AVI-463",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-09-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": null,
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans MacOSX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 2008-006",
      "url": "http://support.apple.com/kb/HT3137"
    }
  ]
}

CERTA-2008-AVI-206

Vulnerability from certfr_avis - Published: 2008-04-15 - Updated: 2008-04-15

De multiples vulnérabilités présentes dans ClamAV permettent à un utilisateur distant de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

Plusieurs erreurs ont été identifiées dans l'antivirus ClamAV :

la première concerne l'analyseur de fichiers exécutables au format PE engendrés par le « packer » : Upack ;
la seconde concerne l'analyseur de fichiers exécutables au format PE engendrés par un autre « packer » : SpinPE ;
la dernière est relative à l'analyseur de fichiers compressés au format ARJ.

Les deux premières vulnérabilités permettent à un utilisateur distant de provoquer un déni de service ou d'exécuter du code arbitraire. Quant à la dernière, elle permet de provoquer un déni de service de l'antivirus vulnérable.

Solution

La version 0.93 de ClamAV corrige le problème :

http://www.clamav.net/download/sources

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

ClamAV versions 0.92.x et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité ClamAV du 14 avril 2008	None	vendor-advisory
Bulletin de sécurité ClamAV :	-	other
Bulletin de sécurité ClamAV :	-	other
Bulletin de sécurité ClamAV :	-	other
Site de ClamAV :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eClamAV versions 0.92.x et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs erreurs ont \u00e9t\u00e9 identifi\u00e9es dans l\u0027antivirus ClamAV :\n\n-   la premi\u00e8re concerne l\u0027analyseur de fichiers ex\u00e9cutables au format\n    PE engendr\u00e9s par le \u00ab packer \u00bb : Upack ;\n-   la seconde concerne l\u0027analyseur de fichiers ex\u00e9cutables au format PE\n    engendr\u00e9s par un autre \u00ab packer \u00bb : SpinPE ;\n-   la derni\u00e8re est relative \u00e0 l\u0027analyseur de fichiers compress\u00e9s au\n    format ARJ.\n\nLes deux premi\u00e8res vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur distant de\nprovoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire. Quant \u00e0\nla derni\u00e8re, elle permet de provoquer un d\u00e9ni de service de l\u0027antivirus\nvuln\u00e9rable.\n\n## Solution\n\nLa version 0.93 de ClamAV corrige le probl\u00e8me :\n\n    http://www.clamav.net/download/sources\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-1100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1100"
    },
    {
      "name": "CVE-2008-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-1387"
    }
  ],
  "initial_release_date": "2008-04-15T00:00:00",
  "last_revision_date": "2008-04-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 ClamAV :",
      "url": "http://www.clamav.net/bugzilla/show_bug.cgi?id=876"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 ClamAV :",
      "url": "http://www.clamav.net/bugzilla/show_bug.cgi?id=897"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 ClamAV :",
      "url": "http://www.clamav.net/bugzilla/show_bug.cgi?id=878"
    },
    {
      "title": "Site de ClamAV :",
      "url": "http://www.clamav.net"
    }
  ],
  "reference": "CERTA-2008-AVI-206",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans ClamAV permettent \u00e0 un\nutilisateur distant de provoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans ClamAV",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 ClamAV du 14 avril 2008",
      "url": null
    }
  ]
}

FKIE_CVE-2008-1100

Vulnerability from fkie_nvd - Published: 2008-04-14 16:05 - Updated: 2025-04-09 00:30

Severity ?

Summary

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://kolab.org/security/kolab-vendor-notice-20.txt
PSIRT-CNA@flexerasoftware.com	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
PSIRT-CNA@flexerasoftware.com	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html
PSIRT-CNA@flexerasoftware.com	http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29000	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29863
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29886
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29891
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29975
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/30253
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/30328
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/31882
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-11/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://security.gentoo.org/glsa/glsa-200805-19.xml
PSIRT-CNA@flexerasoftware.com	http://www.debian.org/security/2008/dsa-1549
PSIRT-CNA@flexerasoftware.com	http://www.kb.cert.org/vuls/id/858595	US Government Resource
PSIRT-CNA@flexerasoftware.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28756
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28784
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019837
PSIRT-CNA@flexerasoftware.com	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1218/references
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/2584
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41789
PSIRT-CNA@flexerasoftware.com	https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html
PSIRT-CNA@flexerasoftware.com	https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html
PSIRT-CNA@flexerasoftware.com	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html
PSIRT-CNA@flexerasoftware.com	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878
af854a3a-2127-422b-91ae-364da2661108	http://kolab.org/security/kolab-vendor-notice-20.txt
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29000	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29863
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29886
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29891
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29975
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30253
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30328
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31882
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-11/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200805-19.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1549
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/858595	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28756
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28784
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019837
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-260A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1218/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2584
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41789
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html
af854a3a-2127-422b-91ae-364da2661108	https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878

Impacted products

	Vendor	Product	Version
	clam_anti-virus	clamav	0.92
	clam_anti-virus	clamav	0.92.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clam_anti-virus:clamav:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "8670A5ED-C41E-40B9-B2C9-68F22734B444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clam_anti-virus:clamav:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BE6F91-5442-4156-B137-E4AD3E21CF88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n cli_scanpe de libclamav (libclamav/pe.c) para ClamAV 0.92 y 0.92.1, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo Upack PE manipulado."
    }
  ],
  "id": "CVE-2008-1100",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-14T16:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29000"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29863"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29886"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29891"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/29975"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/30253"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/30328"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-11/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1549"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/858595"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28756"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28784"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019837"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1218/references"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kolab.org/security/kolab-vendor-notice-20.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29891"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29975"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-11/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200805-19.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/858595"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1218/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-1100 (GCVE-0-2008-1100)

GSD-2008-1100

GHSA-FJ93-3FQ7-589R

CERTA-2008-AVI-463

Description

Solution

CERTA-2008-AVI-206

Description

Solution

FKIE_CVE-2008-1100

Tags

Sightings

Nomenclature