Info

Disclosure

Oct 12, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Clam AntiVirus contains a flaw that may allow a remote denial of service. The problem ist that the 'ole2_walk_property_tree()' function in the OLE2 unpacker does not properly handle malformed OLE2 files. With a malformed .doc file containing an invalid property tree, a remote attacker can cause the application to enter an infinite loop resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Security Software

Solution

Upgrade to version 0.87.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Tomasz Kojm

Clam AntiVirus

0.87

References

Security Tracker: 1015154
Secunia Advisory ID: 17184 17501 17559
CVE ID: 2005-3239 (see also: NVD)
Vendor Specific News/Changelog Entry: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333566
http://sourceforge.net/project/shownotes.php?release_id=368319
Vendor Specific Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:205
http://www.debian.org/security/2005/dsa-887
http://www.novell.com/linux/security/advisories/2005_26_sr.html
Vendor URL: http://www.clamav.net/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/20536