VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow

Eygene Ryabinkin rea-fbsd at codelabs.ru
Tue Apr 17 06:55:45 UTC 2007 

Good day.

Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports,
but no sign of the issue in the VuXML. The entry is attached. One
thing that is a bit strange is that the ChangeLog for the ClamAV
(http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about
CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are
messed the numbers -- there is no such CVE, at least I failed to
find it via cve.mitre.org:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997
But the CVE-2007-1870 is a candidate and has no relevant information,
so I am not 100% sure about the correct number.
-- 
Eygene
-------------- next part --------------
  <vuln vid="unknown">
    <topic>clamav -- CAB File Unstore Buffer Overflow Vulnerability</topic>
    <affects>
      <package>
	<name>clamav</name>
	<range><ge>0.90rc3</ge><lt>0.90.2</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>iDefense Security Advisory 04.16.07:</p>
	<blockquote cite="http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513">
	  <p>Remote exploitation of a buffer overflow vulnerability in Clam
	    AntiVirus' ClamAV allows attackers to execute arbitrary code
	    with the privileges of the affected process.</p>
	  <p>Successful exploitation of this vulnerability results
	    in code execution with the privileges of the process
	    using libclamav.</p>
	  <p>In the case of the clamd program, this will result in
	    executing code with the privileges of the clamav user.
	    Unsuccessful exploitation results in the clamd
	    process crashing.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2007-1870</cvename>
      <url>http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513</url>
      <url>http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog</url>
    </references>
    <dates>
      <discovery>2007-04-14</discovery>
    </dates>
  </vuln>

More information about the freebsd-security mailing list