CVE - CVE-2008-1389

CVE-ID
CVE-2008-1389	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:http://int21.de/cve/CVE-2008-1389-clamav-chd.html CONFIRM:http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661 CONFIRM:http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog CONFIRM:https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1089 CONFIRM:http://kolab.org/security/kolab-vendor-notice-22.txt CONFIRM:http://support.apple.com/kb/HT3216 APPLE:APPLE-SA-2008-10-09 URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html FEDORA:FEDORA-2008-9644 URL:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html FEDORA:FEDORA-2008-9651 URL:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html GENTOO:GLSA-200809-18 URL:http://security.gentoo.org/glsa/glsa-200809-18.xml MANDRIVA:MDVSA-2008:189 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:189 SUSE:SUSE-SR:2008:018 URL:http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html BID:30994 URL:http://www.securityfocus.com/bid/30994 BID:31681 URL:http://www.securityfocus.com/bid/31681 VUPEN:ADV-2008-2484 URL:http://www.vupen.com/english/advisories/2008/2484 VUPEN:ADV-2008-2564 URL:http://www.vupen.com/english/advisories/2008/2564 VUPEN:ADV-2008-2780 URL:http://www.vupen.com/english/advisories/2008/2780 SECTRACK:1020805 URL:http://www.securitytracker.com/id?1020805 SECUNIA:31725 URL:http://secunia.com/advisories/31725 SECUNIA:32030 URL:http://secunia.com/advisories/32030 SECUNIA:31906 URL:http://secunia.com/advisories/31906 SECUNIA:32222 URL:http://secunia.com/advisories/32222 SECUNIA:32699 URL:http://secunia.com/advisories/32699 SECUNIA:31982 URL:http://secunia.com/advisories/31982
Assigning CNA
N/A
Date Entry Created
20080318	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080318)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Use of the Common Vulnerabilities and Exposures List and the associated references from this Web site are subject to the Terms of Use. For more information, please email cve@mitre.org.

CVE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 1999–2018, The MITRE Corporation. CVE and the CVE logo are registered trademarks and CVE-Compatible is a trademark of The MITRE Corporation.

Site Map
Privacy policy
Terms of use
Contact us