Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-3215

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.

Related bugs and status

CVE-2008-3215 (Candidate) is related to these bugs:

Bug #253782: [CVE-2008-3215] ClamAV Petite DoS not fixed until 0.93.3

Summary				In	Importance	Status
	253782	[CVE-2008-3215] ClamAV Petite DoS not fixed until 0.93.3		clamav (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2008070...
MLIST: [oss-security] 2008071...
CONFIRM: http://lurker.clamav.n...
CONFIRM: https://wwws.clamav.ne...
SUSE: SUSE-SR:2008:015
APPLE: APPLE-SA-2008-09-15
GENTOO: GLSA-200808-07
MANDRIVA: MDVSA-2008:166
SECUNIA: 31437
SECUNIA: 31882
CERT: TA08-260A
VUPEN: ADV-2008-2584
FEDORA: FEDORA-2008-6338
FEDORA: FEDORA-2008-6422
SECUNIA: 31091
CONFIRM: http://svn.clamav.net/...
XF: clamav-petitec-dos(44200)