Ubuntu
clamav package

[CVE-2008-3215] ClamAV Petite DoS not fixed until 0.93.3

Bug #253782 reported by Till Ulen on 2008-07-31

256

Affects		Status	Importance	Assigned to	Milestone
	clamav (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: clamav

CVE-2008-3215 description:

"libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713."

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3215

CVE References

Revision history for this message

Scott Kitterman (kitterman) wrote on 2008-07-31:

Already fixed. Please provide evidence not involving version numbers if you believe otherwise.

Changed in clamav:
status:	New → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuclamav package