First published: Thu Jun 30 2005(Updated: )
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Clam Anti-virus Clamav | =0.84_rc1 | |
Clam Anti-virus Clamav | =0.85.1 | |
Clam Anti-virus Clamav | =0.85 | |
Clam Anti-virus Clamav | =0.83 | |
Clam Anti-virus Clamav | =0.84_rc2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.