ClamAV Remote Denial Of Service Vulnerability Network Vulnerability

Summary

This host has ClamAV installed, and is prone to denial of service vulnerability.

Impact

Successful exploitation will cause remote attackers to crash the daemon via a specially crafted JPEG file. Impact Level: Application

Solution

Upgrade to ClamAV 0.94.2 http://www.clamav.net/

Insight

The application fails to validate user input passed to cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions in special.c file.

Affected

ClamAV before 0.94.2 on Linux

References

http://www.openwall.com/lists/oss-security/2008/12/01/8

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-5314

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)
Apache Connection Blocking Denial of Service
Comodo Internet Security Denial of Service Vulnerability-01

ClamAV Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities