Denial of Service : ClamAV < 0.94.1 get_unicode_name() Off-By-One Heap based BOF Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800067

Categoría: Denial of Service

Título: ClamAV < 0.94.1 get_unicode_name() Off-By-One Heap based BOF Vulnerability

Resumen: ClamAV is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
ClamAV is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
The flaw exists due to an off-by-one error in the function
get_unicode_name() in libclamav/vba_extract.c.

Vulnerability Impact:
A specially crafted VBA project when opened causes heap buffer
overflow which can be exploited by attackers to execute arbitrary code on the system with clamd
privileges or cause the application to crash.

Affected Software/OS:
ClamAV before version 0.94.1.

Solution:
Update to version 0.94.1 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5050
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
BugTraq ID: 32207
http://www.securityfocus.com/bid/32207
Bugtraq: 20081108 ClamAV get_unicode_name() off-by-one buffer overflow (Google Search)
http://www.securityfocus.com/archive/1/498169/100/0/threaded
Debian Security Information: DSA-1680 (Google Search)
http://www.debian.org/security/2008/dsa-1680
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html
http://security.gentoo.org/glsa/glsa-200812-21.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:229
http://www.securitytracker.com/id?1021159
http://secunia.com/advisories/32663
http://secunia.com/advisories/32699
http://secunia.com/advisories/32765
http://secunia.com/advisories/32872
http://secunia.com/advisories/33016
http://secunia.com/advisories/33317
http://secunia.com/advisories/33937
http://securityreason.com/securityalert/4579
SuSE Security Announcement: SUSE-SR:2008:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
http://www.ubuntu.com/usn/usn-672-1
http://www.vupen.com/english/advisories/2008/3085
http://www.vupen.com/english/advisories/2009/0422
XForce ISS Database: clamav-getunicodename-bo(46462)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46462

Copyright Copyright (C) 2008 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800067
Categoría:	Denial of Service
Título:	ClamAV < 0.94.1 get_unicode_name() Off-By-One Heap based BOF Vulnerability
Resumen:	ClamAV is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ClamAV is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw exists due to an off-by-one error in the function get_unicode_name() in libclamav/vba_extract.c. Vulnerability Impact: A specially crafted VBA project when opened causes heap buffer overflow which can be exploited by attackers to execute arbitrary code on the system with clamd privileges or cause the application to crash. Affected Software/OS: ClamAV before version 0.94.1. Solution: Update to version 0.94.1 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5050 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 32207 http://www.securityfocus.com/bid/32207 Bugtraq: 20081108 ClamAV get_unicode_name() off-by-one buffer overflow (Google Search) http://www.securityfocus.com/archive/1/498169/100/0/threaded Debian Security Information: DSA-1680 (Google Search) http://www.debian.org/security/2008/dsa-1680 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html http://security.gentoo.org/glsa/glsa-200812-21.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:229 http://www.securitytracker.com/id?1021159 http://secunia.com/advisories/32663 http://secunia.com/advisories/32699 http://secunia.com/advisories/32765 http://secunia.com/advisories/32872 http://secunia.com/advisories/33016 http://secunia.com/advisories/33317 http://secunia.com/advisories/33937 http://securityreason.com/securityalert/4579 SuSE Security Announcement: SUSE-SR:2008:026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://www.ubuntu.com/usn/usn-672-1 http://www.vupen.com/english/advisories/2008/3085 http://www.vupen.com/english/advisories/2009/0422 XForce ISS Database: clamav-getunicodename-bo(46462) https://exchange.xforce.ibmcloud.com/vulnerabilities/46462
Copyright	Copyright (C) 2008 Greenbone Networks GmbH