ClamAV Remote Denial Of Service Vulnerability Network Vulnerability

Summary

This host has ClamAV installed, and is prone to denial of service vulnerability.

Impact

Successful exploitation will cause remote attackers to crash the daemon via a specially crafted JPEG file. Impact Level: Application

Solution

Upgrade to ClamAV 0.94.2 http://www.clamav.net/

Insight

The application fails to validate user input passed to cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions in special.c file.

Affected

ClamAV before 0.94.2 on Linux

References

http://www.openwall.com/lists/oss-security/2008/12/01/8

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-5314
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Acrobat PDF File Denial Of Service Vulnerability
ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)
Firefox XUL Parsing Denial of Service Vulnerability (Win)
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
CUPS IPP Packets Processing Denial of Service Vulnerability

ClamAV Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities