CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1923

The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.0%

CVSS Severity

CVSS v2 Score 2.6

References

http://www.debian.org/security/2005/dsa-737
http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities
http://www.debian.org/security/2005/dsa-737
http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities

Products affected by CVE-2005-1923

Clam Anti-Virus » Clamav » Version: 0.83

cpe:2.3:a:clam_anti-virus:clamav:0.83
Clam Anti-Virus » Clamav » Version: 0.84_rc1

cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1
Clam Anti-Virus » Clamav » Version: 0.84_rc2

cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2
Clam Anti-Virus » Clamav » Version: 0.85

cpe:2.3:a:clam_anti-virus:clamav:0.85
Clam Anti-Virus » Clamav » Version: 0.85.1

cpe:2.3:a:clam_anti-virus:clamav:0.85.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1923

Products

Pricing

Contact Us