Vulnerability Details CVE-2006-0162
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.28
EPSS Ranking 96.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html
- http://secunia.com/advisories/18379
- http://secunia.com/advisories/18453
- http://secunia.com/advisories/18463
- http://secunia.com/advisories/18478
- http://secunia.com/advisories/18548
- http://securityreason.com/securityalert/342
- http://securitytracker.com/id?1015457
- http://www.clamav.net/doc/0.88/ChangeLog
- http://www.debian.org/security/2006/dsa-947
- http://www.gentoo.org/security/en/glsa/glsa-200601-07.xml
- http://www.kb.cert.org/vuls/id/385908
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:016
- http://www.osvdb.org/22318
- http://www.securityfocus.com/bid/16191
- http://www.trustix.org/errata/2006/0002/
- http://www.vupen.com/english/advisories/2006/0116
- http://www.zerodayinitiative.com/advisories/ZDI-06-001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24047
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html
- http://secunia.com/advisories/18379
- http://secunia.com/advisories/18453
- http://secunia.com/advisories/18463
- http://secunia.com/advisories/18478
- http://secunia.com/advisories/18548
- http://securityreason.com/securityalert/342
- http://securitytracker.com/id?1015457
- http://www.clamav.net/doc/0.88/ChangeLog
- http://www.debian.org/security/2006/dsa-947
- http://www.gentoo.org/security/en/glsa/glsa-200601-07.xml
- http://www.kb.cert.org/vuls/id/385908
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:016
- http://www.osvdb.org/22318
- http://www.securityfocus.com/bid/16191
- http://www.trustix.org/errata/2006/0002/
- http://www.vupen.com/english/advisories/2006/0116
- http://www.zerodayinitiative.com/advisories/ZDI-06-001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24047
Products affected by CVE-2006-0162
-
cpe:2.3:a:clam_anti-virus:clamav:.
-
cpe:2.3:a:clam_anti-virus:clamav:0.51
-
cpe:2.3:a:clam_anti-virus:clamav:0.52
-
cpe:2.3:a:clam_anti-virus:clamav:0.53
-
cpe:2.3:a:clam_anti-virus:clamav:0.54
-
cpe:2.3:a:clam_anti-virus:clamav:0.60
-
cpe:2.3:a:clam_anti-virus:clamav:0.65
-
cpe:2.3:a:clam_anti-virus:clamav:0.67
-
cpe:2.3:a:clam_anti-virus:clamav:0.68
-
cpe:2.3:a:clam_anti-virus:clamav:0.68.1
-
cpe:2.3:a:clam_anti-virus:clamav:0.70
-
cpe:2.3:a:clam_anti-virus:clamav:0.75.1
-
cpe:2.3:a:clam_anti-virus:clamav:0.80
-
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1
-
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2
-
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3
-
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4
-
cpe:2.3:a:clam_anti-virus:clamav:0.81
-
cpe:2.3:a:clam_anti-virus:clamav:0.82
-
cpe:2.3:a:clam_anti-virus:clamav:0.83
-
cpe:2.3:a:clam_anti-virus:clamav:0.84
-
cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1
-
cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2
-
cpe:2.3:a:clam_anti-virus:clamav:0.85
-
cpe:2.3:a:clam_anti-virus:clamav:0.85.1
-
cpe:2.3:a:clam_anti-virus:clamav:0.86
-
cpe:2.3:a:clam_anti-virus:clamav:0.86.1
-
cpe:2.3:a:clam_anti-virus:clamav:0.86.2
-
cpe:2.3:a:clam_anti-virus:clamav:0.87
-
cpe:2.3:a:clam_anti-virus:clamav:0.87.1