CVE-2007-0897 in ClamAVinfo

Summary

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/13/2007

Disclosure

02/16/2007

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-404 (Confirmed)

CVSS

5.3

EPSS

0.07879

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-0897
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0897
CVE Details	https://www.cvedetails.com/cve/CVE-2007-0897/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!