[Pkg-clamav-devel] Bug#523016: CVE ids
Nico Golde
nion at debian.org
Thu Apr 9 00:40:18 UTC 2009
Hi,
here are the CVE ids for this:
======================================================
Name: CVE-2008-6680
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6680
Reference: CONFIRM:https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause
a denial of service (crash) via a crafted EXE file that triggers a
divide-by-zero error.
======================================================
Name: CVE-2009-1270
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1270
Reference: CONFIRM:https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to
cause a denial of service (infinite loop) via a crafted file that
causes (1) clamd and (2) clamscan to hang.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20090409/a64e625e/attachment.pgp>
More information about the Pkg-clamav-devel
mailing list