[Bug 217256] Re: ClamAV Upack Processing Buffer Overflow Vulnerability

Scott Kitterman Thu, 17 Apr 2008 20:41:41 -0700

Sync'ed for Hardy.  More issues than just the one initially described:

 clamav (0.92.1~dfsg2-1) unstable; urgency=high
 .
   * libclamav/pe.c: possible integer overflow in wwpack
   * [CVE-2008-1100]: libclamav/pe.c: possible integer overflow in upack
   * [CVE-2008-1387]: libclamav/spin.c: possible integer overflow
   * libclamav/unarj.c: DoS in unarj


** Changed in: clamav (Ubuntu)
   Importance: Undecided => Medium
       Status: Fix Committed => Fix Released

** Changed in: clamav (Ubuntu Dapper)
     Assignee: (unassigned) => Scott Kitterman (kitterman)
       Status: New => In Progress

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-1387

-- 
ClamAV Upack Processing Buffer Overflow Vulnerability
https://bugs.launchpad.net/bugs/217256
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 217256] Re: ClamAV Upack Processing Buffer Overflow Vulnerability

Reply via email to