{ "id": "CVE-2007-0897", "sourceIdentifier": "cve@mitre.org", "published": "2007-02-16T19:28:00.000", "lastModified": "2017-07-29T01:30:29.563", "vulnStatus": "Modified", "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nClam AntiVirus, ClamAV, 0.90 Stable", "descriptions": [ { "lang": "en", "value": "Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor." }, { "lang": "es", "value": "Clam AntiVirus ClamAV anterior a 0.90 no cierra los descriptores de apertura de ficheros bajo ciertas condiciones, lo cual permite a atacantes remotos provocar denegaci\u00f3n de servicio (consumo del descriptor de fichero y fallo de escaneo) a trav\u00e9s de archivos CAB \t\r\ncon una longitud de registro con una cabecera cabinet(.CAB) de cero, lo cual provoca que una funci\u00f3n retorne sin cerrar el descriptor de fichero." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.15", "matchCriteriaId": "E040C64A-273E-49FC-9B32-E25BE15D357A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.20", "matchCriteriaId": "F4DAF18C-D921-448C-9806-F7161B742E51" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.21", "matchCriteriaId": "09A48542-552D-45B6-9989-EBA02C16BAD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.22", "matchCriteriaId": "7F5E3E9F-9F7F-4366-AF74-5DD79D500ADA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.23", "matchCriteriaId": "630D6FA9-DF36-4FFF-A894-282DBD3C6931" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.24", "matchCriteriaId": "C0CC9F29-854C-4B58-93B7-04FB5AFF4AF7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.51", "matchCriteriaId": "75501EBF-B78B-4160-B1FD-B8FF502BC860" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.52", "matchCriteriaId": "26AEB8E6-B3A9-48F6-AA7D-55FDB2B6DF8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.53", "matchCriteriaId": "2D6117F8-A05B-42FA-B5CD-4646C0F755D6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.54", "matchCriteriaId": "D40CD000-F4D6-48EA-8785-7C662DD4FB77" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.60", "matchCriteriaId": "2E370AEE-3D76-4DB3-B2EA-DE2F24A1D2B8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.60p", "matchCriteriaId": "59FCC7A7-4AC9-4084-9684-E236FAEF4B3F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.65", "matchCriteriaId": "8848DF73-5C8F-4923-B6D5-103D3A4E45BB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.67", "matchCriteriaId": "AC26FE6A-DA82-4F10-A176-6EF719383232" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.68", "matchCriteriaId": "D9ECDDC6-88C6-42DE-BC4D-F1099957341E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.68.1", "matchCriteriaId": "4014C1FE-9659-4D87-BE25-82A28222CEE2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.70", "matchCriteriaId": "054DFC0C-996C-4ECD-8832-9E8C085B7C4D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.71", "matchCriteriaId": "CCEC1516-8A43-4010-903A-07DB582C18C6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.72", "matchCriteriaId": "8582F6D3-EBD5-485B-8BB5-F91DDFC9C600" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.73", "matchCriteriaId": "09C15660-74FA-4AA0-929E-6291AE2B1297" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.74", "matchCriteriaId": "E68EB72E-EEDE-4231-B309-B6558956BC6C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.75", "matchCriteriaId": "BD05D78B-6F28-4068-88F7-96461D85236C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.75.1", "matchCriteriaId": "8278F2A2-8B1B-4FC2-BC66-C6EC87E9476D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.80", "matchCriteriaId": "F07C275E-16B0-4A2B-89A6-C68C68FCF67D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.80_rc1", "matchCriteriaId": "D0867DF1-4122-4E5C-8F72-FADB042DA14D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.80_rc2", "matchCriteriaId": "3CF31500-C66B-4FEC-90BE-30F7D0956929" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.80_rc3", "matchCriteriaId": "B721C0AE-AB73-4A9A-84CB-BECCD974CA99" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.80_rc4", "matchCriteriaId": "6638002E-716F-476A-9452-4C1B188CF59B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.81", "matchCriteriaId": "C596E6BB-7060-4BA7-B2BA-8E84FF6BF9A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.81_rc1", "matchCriteriaId": "8943D346-7542-4DD4-82D0-B8CF1D0494B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.82", "matchCriteriaId": "9E3A3962-54F7-48EC-8ABD-BAE8C8B4727E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.83", "matchCriteriaId": "C745EB7E-367A-4C2B-B206-3FEB4C33A97A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.84", "matchCriteriaId": "8B796948-15AD-4A30-8251-67444175A777" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.84_rc1", "matchCriteriaId": "4C64CF0B-91A9-4EF7-B089-0B3CA26B2EFD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.84_rc2", "matchCriteriaId": "56ED080B-6E44-4B47-833F-25535FCEDA69" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.85", "matchCriteriaId": "7A0FB401-6282-4687-A8EC-EB3BE02C293D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.85.1", "matchCriteriaId": "2C0E3FE9-0B62-484E-A7CF-1CE0BBDE36AE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.86", "matchCriteriaId": "9391B98E-80A9-4C12-9EB8-F45A289FD9F1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.86.1", "matchCriteriaId": "184FC0BC-25CD-4804-9DFF-9309F991557D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.86.2", "matchCriteriaId": "AFDA61E7-4CE4-4FDD-8B1B-BFF6A934CDA2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.86_rc1", "matchCriteriaId": "18547613-F1A4-410C-A723-FC7BB8A270CC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.87", "matchCriteriaId": "A5BF037B-141A-48AB-88A3-555836B160FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.87.1", "matchCriteriaId": "D1873479-6058-472F-94AB-2601B2936812" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.88", "matchCriteriaId": "B498C911-81FC-4B1A-B9A4-5F266AA2B7CA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.88.1", "matchCriteriaId": "990BE50A-0B0B-44CC-BE51-CF69C900EE52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.88.3", "matchCriteriaId": "E9B0DEE6-CA69-4020-AF96-8C6E5872ADF5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.88.4", "matchCriteriaId": "8D7A91DF-84B4-4E45-8675-E107D8BCD070" }, { "vulnerable": true, "criteria": "cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.88.6", "matchCriteriaId": "F8D97900-5AD1-43BF-860F-537D25A54C95" } ] } ] } ], "references": [ { "url": "http://docs.info.apple.com/article.html?artnum=307562", "source": "cve@mitre.org" }, { "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", "source": "cve@mitre.org" }, { "url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html", "source": "cve@mitre.org" }, { "url": "http://security.gentoo.org/glsa/glsa-200703-03.xml", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2007/dsa-1263", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/22580", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securitytracker.com/id?1017659", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2007/0623", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2008/0924/references", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531", "source": "cve@mitre.org" } ] }