Launchpad CVE tracker

CVE 2007-3024

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.

Related bugs and status

CVE-2007-3024 (Candidate) is related to these bugs:

Bug #190187: Dapper clamav has multiple security issues that require upgrade to new version to fix

Summary				In	Importance	Status
	190187	Dapper clamav has multiple security issues that require upgrade to new version to fix		clamav (Ubuntu)	Undecided	Fix Released
	190187	Dapper clamav has multiple security issues that require upgrade to new version to fix		clamav (Ubuntu Dapper)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [Clamav-announce] 2007...
CONFIRM: http://svn.clamav.net/...
CONFIRM: https://wwws.clamav.ne...
CONFIRM: http://kolab.org/secur...
SUSE: SUSE-SA:2007:033
BID: 24358
SECUNIA: 25523
SECUNIA: 25525
GENTOO: GLSA-200706-05
SECUNIA: 25688
DEBIAN: DSA-1320
SECUNIA: 25796

Launchpad.net

CVE 2007-3024

Related bugs and status

Related bugs

References