National Cyber Awareness System

Vulnerability Summary for CVE-2008-5050

Overview

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: BID

Name: 32207

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/32207

External Source: FEDORA

Name: FEDORA-2008-9651

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html

External Source: FEDORA

Name: FEDORA-2008-9644

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html

External Source: XF

Name: clamav-getunicodename-bo(46462)

Hyperlink:http://xforce.iss.net/xforce/xfdb/46462

External Source: VUPEN

Name: ADV-2009-0422

Hyperlink:http://www.vupen.com/english/advisories/2009/0422

External Source: VUPEN

Name: ADV-2008-3085

Hyperlink:http://www.vupen.com/english/advisories/2008/3085

External Source: UBUNTU

Name: USN-672-1

Hyperlink:http://www.ubuntu.com/usn/usn-672-1

External Source: SECTRACK

Name: 1021159

Hyperlink:http://www.securitytracker.com/id?1021159

External Source: BUGTRAQ

Name: 20081108 ClamAV get_unicode_name() off-by-one buffer overflow

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/498169/100/0/threaded

External Source: MANDRIVA

Name: MDVSA-2008:229

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2008:229

External Source: DEBIAN

Name: DSA-1680

Hyperlink:http://www.debian.org/security/2008/dsa-1680

External Source: CONFIRM

Name: http://support.apple.com/kb/HT3438

Hyperlink:http://support.apple.com/kb/HT3438

External Source: CONFIRM

Name: http://sourceforge.net/project/shownotes.php?release_id=637952&group_id=86638

Hyperlink:http://sourceforge.net/project/shownotes.php?release_id=637952&group_id=86638

External Source: SREASON

Name: 4579

Hyperlink:http://securityreason.com/securityalert/4579

External Source: GENTOO

Name: GLSA-200812-21

Hyperlink:http://security.gentoo.org/glsa/glsa-200812-21.xml

External Source: SECUNIA

Name: 33937

Hyperlink:http://secunia.com/advisories/33937

External Source: SECUNIA

Name: 33317

Hyperlink:http://secunia.com/advisories/33317

External Source: SECUNIA

Name: 33016

Hyperlink:http://secunia.com/advisories/33016

External Source: SECUNIA

Name: 32872

Hyperlink:http://secunia.com/advisories/32872

External Source: SECUNIA

Name: 32765

Hyperlink:http://secunia.com/advisories/32765

External Source: SECUNIA

Name: 32699

Hyperlink:http://secunia.com/advisories/32699

External Source: SECUNIA

Name: 32663

Type: Advisory

Hyperlink:http://secunia.com/advisories/32663

External Source: SUSE

Name: SUSE-SR:2008:026

Hyperlink:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

External Source: FULLDISC

Name: 20081109 ClamAV get_unicode_name() off-by-one buffer overflow

Hyperlink:http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html

External Source: APPLE

Name: APPLE-SA-2009-02-12

Hyperlink:http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html