Launchpad CVE tracker

CVE 2008-3913

Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".

Related bugs and status

CVE-2008-3913 (Candidate) is related to these bugs:

Bug #271546: [hardy] Multiple unfixed CVEs

		In	Importance	Status
271546	[hardy] Multiple unfixed CVEs	clamav (Ubuntu)	Undecided	Fix Released
271546	[hardy] Multiple unfixed CVEs	clamav (Ubuntu Hardy)	Undecided	Fix Released
271546	[hardy] Multiple unfixed CVEs	clamav (Ubuntu Dapper)	Undecided	Fix Released
271546	[hardy] Multiple unfixed CVEs	clamav (Ubuntu Gutsy)	Undecided	Won't Fix
271546	[hardy] Multiple unfixed CVEs	clamav (Ubuntu Intrepid)	Undecided	Fix Released

Bug #304017: Recursive stack overflow in jpeg parsing code

		In	Importance	Status
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu)	High	Fix Released
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu Intrepid)	High	Fix Released
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu Dapper)	Undecided	Fix Released
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu Gutsy)	Undecided	Won't Fix
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu Hardy)	Undecided	Fix Released
304017	Recursive stack overflow in jpeg parsing code	clamav (Ubuntu Jaunty)	High	Fix Released

Bug #317923: Clamav modules still disabled even though security issues are fixed

		In	Importance	Status
317923	Clamav modules still disabled even though security issues are fixed	clamav (Ubuntu)	High	Fix Released
317923	Clamav modules still disabled even though security issues are fixed	clamav (Ubuntu Dapper)	High	Fix Released
317923	Clamav modules still disabled even though security issues are fixed	clamav (Ubuntu Gutsy)	High	Fix Released
317923	Clamav modules still disabled even though security issues are fixed	clamav (Ubuntu Hardy)	High	Fix Released

Bug #354190: Security fixes from clamav 0.95 need backport

		In	Importance	Status
354190	Security fixes from clamav 0.95 need backport	clamav (Ubuntu)	Undecided	Fix Released
354190	Security fixes from clamav 0.95 need backport	clamav (Ubuntu Dapper)	Undecided	Fix Released
354190	Security fixes from clamav 0.95 need backport	clamav (Ubuntu Gutsy)	Undecided	Won't Fix
354190	Security fixes from clamav 0.95 need backport	clamav (Ubuntu Hardy)	Undecided	Fix Released
354190	Security fixes from clamav 0.95 need backport	clamav (Ubuntu Intrepid)	Medium	Fix Released
354190	Security fixes from clamav 0.95 need backport	Hardy Backports	High	Fix Released
354190	Security fixes from clamav 0.95 need backport	Dapper Backports	Undecided	Fix Released

Bug #360502: Fix relevant security bugs from 0.95.1 in earlier releases

		In	Importance	Status
360502	Fix relevant security bugs from 0.95.1 in earlier releases	clamav (Ubuntu)	High	Fix Released
360502	Fix relevant security bugs from 0.95.1 in earlier releases	clamav (Ubuntu Dapper)	Undecided	Fix Released
360502	Fix relevant security bugs from 0.95.1 in earlier releases	clamav (Ubuntu Gutsy)	Undecided	Won't Fix
360502	Fix relevant security bugs from 0.95.1 in earlier releases	clamav (Ubuntu Hardy)	Undecided	Fix Released
360502	Fix relevant security bugs from 0.95.1 in earlier releases	clamav (Ubuntu Intrepid)	High	Fix Released
360502	Fix relevant security bugs from 0.95.1 in earlier releases	Hardy Backports	Undecided	Fix Released
360502	Fix relevant security bugs from 0.95.1 in earlier releases	Dapper Backports	Undecided	Fix Released

Bug #360919: AppArmor.d profile parsing error after update

Summary				In	Importance	Status
	360919	AppArmor.d profile parsing error after update		clamav (Ubuntu)	Undecided	Fix Released
	360919	AppArmor.d profile parsing error after update		Hardy Backports	Low	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-3913

References