Launchpad CVE tracker

CVE 2008-1833

Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.

Related bugs and status

CVE-2008-1833 (Candidate) is related to these bugs:

Bug #217256: ClamAV Upack Processing Buffer Overflow Vulnerability

		In	Importance	Status
217256	ClamAV Upack Processing Buffer Overflow Vulnerability	clamav (Ubuntu)	Medium	Fix Released
217256	ClamAV Upack Processing Buffer Overflow Vulnerability	clamav (Ubuntu Dapper)	Undecided	Fix Released
217256	ClamAV Upack Processing Buffer Overflow Vulnerability	clamav (Ubuntu Edgy)	Undecided	Won't Fix
217256	ClamAV Upack Processing Buffer Overflow Vulnerability	clamav (Ubuntu Feisty)	Medium	Fix Released
217256	ClamAV Upack Processing Buffer Overflow Vulnerability	clamav (Ubuntu Gutsy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20080414 ClamAV libcla...
CONFIRM: https://wwws.clamav.ne...
CONFIRM: http://kolab.org/secur...
DEBIAN: DSA-1549
BID: 28798
SECUNIA: 29863
SUSE: SUSE-SA:2008:024
MANDRIVA: MDVSA-2008:088
BID: 28784
SECUNIA: 29891
FEDORA: FEDORA-2008-3358
FEDORA: FEDORA-2008-3420
SECUNIA: 29975
SECUNIA: 30328
CONFIRM: http://up2date.astaro....
APPLE: APPLE-SA-2008-09-15
SECUNIA: 31576
SECUNIA: 31882
GENTOO: GLSA-200805-19
CERT: TA08-260A
CONFIRM: http://svn.clamav.net/...
SECTRACK: 1019850
VUPEN: ADV-2008-1227
VUPEN: ADV-2008-2584
XF: clamav-wwpack-pe-bo(41...

Launchpad.net

CVE 2008-1833

Related bugs and status

Related bugs

References