漏洞信息详情
Multiple Vendors RAR Handling 远程空指针提领漏洞
- CNNVD编号:CNNVD-200707-231
- 危害等级: 低危
- CVE编号: CVE-2007-3725
- 漏洞类型: 其他
- 发布时间: 2007-07-12
- 威胁类型: 远程
- 更新时间: 2007-07-14
- 厂 商: clam_anti-virus
- 漏洞来源: Metaeye Security G...
漏洞简介
Clam Antivirus (ClamAV) 0.91版本之前的版本的RAR VM (unrarvm.c)允许用户协助式的远程攻击者可以借助一个特制的RAR存档文件,造成拒绝服务(崩溃),并引发一个空指针提领。
漏洞公告
参考网址
来源: BUGTRAQ
名称: 20070711 Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability.
链接:http://www.securityfocus.com/archive/1/archive/1/473371/100/0/threaded
来源: MISC
链接:http://www.metaeye.org/advisories/54
来源: wwws.clamav.net
链接:https://wwws.clamav.net/bugzilla/show_bug.cgi?id=555
来源: XF
名称: clamav-rarvm-dos(35367)
链接:http://xforce.iss.net/xforce/xfdb/35367
来源: TRUSTIX
名称: 2007-0023
链接:http://www.trustix.org/errata/2007/0023/
来源: SUSE
名称: SUSE-SR:2007:015
链接:http://www.novell.com/linux/security/advisories/2007_15_sr.HTML
来源: MANDRIVA
名称: MDKSA-2007:150
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2007:150
来源: VUPEN
名称: ADV-2008-0924
链接:http://www.frsirt.com/english/advisories/2008/0924/references
来源: VUPEN
名称: ADV-2007-2643
链接:http://www.frsirt.com/english/advisories/2007/2643
来源: VUPEN
名称: ADV-2007-2509
链接:http://www.frsirt.com/english/advisories/2007/2509
来源: DEBIAN
名称: DSA-1340
链接:http://www.debian.org/security/2007/dsa-1340
来源: GENTOO
名称: GLSA-200708-04
链接:http://security.gentoo.org/glsa/glsa-200708-04.xml
来源: SECUNIA
名称: 29420
链接:http://secunia.com/advisories/29420
来源: SECUNIA
名称: 26377
链接:http://secunia.com/advisories/26377
来源: SECUNIA
名称: 26231
链接:http://secunia.com/advisories/26231
来源: SECUNIA
名称: 26226
链接:http://secunia.com/advisories/26226
来源: SECUNIA
名称: 26209
链接:http://secunia.com/advisories/26209
来源: SECUNIA
名称: 26164
链接:http://secunia.com/advisories/26164
来源: SECUNIA
名称: 26038
链接:http://secunia.com/advisories/26038
来源: FULLDISC
名称: 20070711 Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability.
链接:http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064569.HTML
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2008-03-18
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2008/Mar/msg00001.HTML
来源: kolab.org
链接:http://kolab.org/security/kolab-vendor-notice-16.txt
来源: docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://docs.info.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/article.HTML?artnum=307562
受影响实体
- Clam_anti-Virus Clamav:0.80_rc2
- Clam_anti-Virus Clamav:0.71
- Clam_anti-Virus Clamav:0.65
- Clam_anti-Virus Clamav:0.60p
- Clam_anti-Virus Clamav:0.60
补丁
暂无
评论