Launchpad.net

CVE 2007-3725

The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.

Related bugs and status

CVE-2007-3725 (Candidate) is related to these bugs:

Bug #126471: unrar.c Remote DoS in clamav 0.90

Summary				In	Importance	Status
	126471	unrar.c Remote DoS in clamav 0.90		clamav (Ubuntu)	Undecided	Fix Released
	126471	unrar.c Remote DoS in clamav 0.90		clamav (Ubuntu Feisty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.metaeye.org...
CONFIRM: https://wwws.clamav.ne...
SECUNIA: 26038
CONFIRM: http://kolab.org/secur...
DEBIAN: DSA-1340
SECUNIA: 26164
SECUNIA: 26209
SECUNIA: 26226
SUSE: SUSE-SR:2007:015
TRUSTIX: 2007-0023
SECUNIA: 26231
GENTOO: GLSA-200708-04
SECUNIA: 26377
FULLDISC: 20070711 Advisory - Cl...
MANDRIVA: MDKSA-2007:150
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2008-03-18
SECUNIA: 29420
VUPEN: ADV-2007-2509
VUPEN: ADV-2007-2643
VUPEN: ADV-2008-0924
OSVDB: 36907
XF: clamav-rarvm-dos(35367)
BUGTRAQ: 20070711 Advisory - Cl...