Launchpad CVE tracker

CVE 2007-3123

unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.

Related bugs and status

CVE-2007-3123 (Candidate) is related to these bugs:

Bug #190187: Dapper clamav has multiple security issues that require upgrade to new version to fix

Summary				In	Importance	Status
	190187	Dapper clamav has multiple security issues that require upgrade to new version to fix		clamav (Ubuntu)	Undecided	Fix Released
	190187	Dapper clamav has multiple security issues that require upgrade to new version to fix		clamav (Ubuntu Dapper)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [Clamav-announce] 2007...
CONFIRM: http://svn.clamav.net/...
CONFIRM: https://wwws.clamav.ne...
CONFIRM: http://kolab.org/secur...
SUSE: SUSE-SA:2007:033
BID: 24289
SECUNIA: 25523
SECUNIA: 25525
GENTOO: GLSA-200706-05
SECUNIA: 25688
DEBIAN: DSA-1320
SECUNIA: 25796
OSVDB: 35522
XF: clamav-rar-dos(34778)

Launchpad.net

CVE 2007-3123

Related bugs and status

Related bugs

References