National Cyber-Alert System

Vulnerability Summary for CVE-2006-4182

Overview

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

Solution

This vulnerability is addressed in the following product release: Clam Anti-Virus, ClamAV, 0.88.5}

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA06-333A

Name: TA06-333A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-333A.html

US-CERT Vulnerability Note: VU#180864

Name: VU#180864

Hyperlink:http://www.kb.cert.org/vuls/id/180864

External Source: IDEFENSE

Name: 20061016 Clam AntiVirus ClamAV rebuildpe Heap Overflow Vulnerability

Type: Advisory; Patch Information

Hyperlink:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422

External Source: XF

Name: clamav-rebuildpe-bo(29607)

Hyperlink:http://xforce.iss.net/xforce/xfdb/29607

External Source: BID

Name: 20535

Hyperlink:http://www.securityfocus.com/bid/20535

External Source: SUSE

Name: SUSE-SA:2006:060

Hyperlink:http://www.novell.com/linux/security/advisories/2006_60_clamav.html

External Source: MANDRIVA

Name: MDKSA-2006:184

Hyperlink:http://www.mandriva.com/security/advisories?name=MDKSA-2006:184

External Source: VUPEN

Name: ADV-2006-4750

Hyperlink:http://www.frsirt.com/english/advisories/2006/4750

External Source: VUPEN

Name: ADV-2006-4264

Hyperlink:http://www.frsirt.com/english/advisories/2006/4264

External Source: VUPEN

Name: ADV-2006-4136

Hyperlink:http://www.frsirt.com/english/advisories/2006/4136

External Source: VUPEN

Name: ADV-2006-4034

Hyperlink:http://www.frsirt.com/english/advisories/2006/4034

External Source: DEBIAN

Name: DSA-1196

Hyperlink:http://www.debian.org/security/2006/dsa-1196

External Source: SECTRACK

Name: 1017068

Hyperlink:http://securitytracker.com/id?1017068

External Source: GENTOO

Name: GLSA-200610-10

Hyperlink:http://security.gentoo.org/glsa/glsa-200610-10.xml

External Source: SECUNIA

Name: 23155

Hyperlink:http://secunia.com/advisories/23155

External Source: SECUNIA

Name: 22626

Hyperlink:http://secunia.com/advisories/22626

External Source: SECUNIA

Name: 22551

Hyperlink:http://secunia.com/advisories/22551

External Source: SECUNIA

Name: 22537

Hyperlink:http://secunia.com/advisories/22537

External Source: SECUNIA

Name: 22498

Hyperlink:http://secunia.com/advisories/22498

External Source: SECUNIA

Name: 22488

Hyperlink:http://secunia.com/advisories/22488

External Source: SECUNIA

Name: 22421

Hyperlink:http://secunia.com/advisories/22421

External Source: SECUNIA

Name: 22370

Hyperlink:http://secunia.com/advisories/22370

External Source: APPLE

Name: APPLE-SA-2006-11-28

Hyperlink:http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

External Source: CONFIRM

Name: http://kolab.org/security/kolab-vendor-notice-13.txt

Hyperlink:http://kolab.org/security/kolab-vendor-notice-13.txt

External Source: MANDRIVA

Name: MDKSA-2006:184

Hyperlink:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:184

External Source: CONFIRM

Name: http://docs.info.apple.com/article.html?artnum=304829

Hyperlink:http://docs.info.apple.com/article.html?artnum=304829