Launchpad.net

CVE 2007-6336

Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

CVE-2007-6336 (Candidate) is related to these bugs:

Bug #177537: Remote Code Execution

		In	Importance	Status
177537	Remote Code Execution	clamav (Ubuntu)	Undecided	Fix Released
177537	Remote Code Execution	clamav (Ubuntu Dapper)	Undecided	Won't Fix
177537	Remote Code Execution	clamav (Ubuntu Edgy)	Undecided	Won't Fix
177537	Remote Code Execution	clamav (Ubuntu Hardy)	Undecided	Fix Released
177537	Remote Code Execution	clamav (Ubuntu Gutsy)	Undecided	Fix Released
177537	Remote Code Execution	clamav (Ubuntu Feisty)	Undecided	Fix Released
177537	Remote Code Execution	Feisty Backports	Undecided	Fix Released

Bug #180285: [clamav] remote vulnerabilities in versions before 0.92

Summary				In	Importance	Status
	180285	[clamav] remote vulnerabilities in versions before 0.92		clamav (Ubuntu)	Undecided	New

See the

CVE page on Mitre.org for more details.