CVE-2008-0728

The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
clamavclamav
𝑥
≤ 0.92
clamavclamav
0.01
clamavclamav
0.02
clamavclamav
0.3
clamavclamav
0.03
clamavclamav
0.05
clamavclamav
0.8:rc3
clamavclamav
0.9:rc1
clamavclamav
0.10
clamavclamav
0.12
clamavclamav
0.13
clamavclamav
0.14
clamavclamav
0.14:pre
clamavclamav
0.15
clamavclamav
0.20
clamavclamav
0.21
clamavclamav
0.22
clamavclamav
0.23
clamavclamav
0.24
clamavclamav
0.51
clamavclamav
0.52
clamavclamav
0.53
clamavclamav
0.54
clamavclamav
0.60
clamavclamav
0.60p:p
clamavclamav
0.65
clamavclamav
0.66
clamavclamav
0.67
clamavclamav
0.67-1
clamavclamav
0.68
clamavclamav
0.68.1
clamavclamav
0.70
clamavclamav
0.70:rc
clamavclamav
0.71
clamavclamav
0.72
clamavclamav
0.73
clamavclamav
0.74
clamavclamav
0.75
clamavclamav
0.75.1
clamavclamav
0.80
clamavclamav
0.80:rc
clamavclamav
0.80:rc1
clamavclamav
0.80:rc2
clamavclamav
0.80:rc3
clamavclamav
0.80:rc4
clamavclamav
0.80_rc:_rc
clamavclamav
0.81
clamavclamav
0.81:rc1
clamavclamav
0.82
clamavclamav
0.83
clamavclamav
0.84
clamavclamav
0.84:rc1
clamavclamav
0.84:rc2
clamavclamav
0.85
clamavclamav
0.85.1
clamavclamav
0.86
clamavclamav
0.86:rc1
clamavclamav
0.86.1
clamavclamav
0.86.2
clamavclamav
0.87
clamavclamav
0.87.1
clamavclamav
0.88
clamavclamav
0.88.1
clamavclamav
0.88.2
clamavclamav
0.88.3
clamavclamav
0.88.4
clamavclamav
0.88.5
clamavclamav
0.88.6
clamavclamav
0.88.7
clamavclamav
0.88.7_p0:_p0
clamavclamav
0.88.7_p1:_p1
clamavclamav
0.90
clamavclamav
0.90:rc1
clamavclamav
0.90:rc1.1
clamavclamav
0.90:rc2
clamavclamav
0.90:rc3
clamavclamav
0.90.1
clamavclamav
0.90.1_p0:_p0
clamavclamav
0.90.2
clamavclamav
0.90.2_p0:_p0
clamavclamav
0.90.3
clamavclamav
0.90.3_p0:_p0
clamavclamav
0.90.3_p1:_p1
clamavclamav
0.91
clamavclamav
0.91:rc1
clamavclamav
0.91:rc2
clamavclamav
0.91.1
clamavclamav
0.91.2
clamavclamav
0.91.2_p0:_p0
clamavclamav
0.92_p0:_p0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
clamav
bullseye
0.103.10+dfsg-0+deb11u1
fixed
etch
not-affected
bookworm
1.0.5+dfsg-1~deb12u1
fixed
sid
1.4.1+dfsg-1
fixed
trixie
1.4.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
clamav
hardy
not-affected
gutsy
Fixed 0.92.1~dfsg2-1.1~gutsy2
released
feisty
Fixed 0.92.1~dfsg2-1.1~feisty2
released
edgy
ignored
dapper
Fixed 0.92.1~dfsg2-1.1~dapper2
released
Common Weakness Enumeration
References
http://bugs.gentoo.org/show_bug.cgi?id=209915
http://docs.info.apple.com/article.html?artnum=307562
http://kolab.org/security/kolab-vendor-notice-19.txt
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/28907
http://secunia.com/advisories/29001
http://secunia.com/advisories/29026
http://secunia.com/advisories/29048
http://secunia.com/advisories/29060
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200802-09.xml
http://sourceforge.net/project/shownotes.php?release_id=575703
http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://www.vupen.com/english/advisories/2008/0503
http://www.vupen.com/english/advisories/2008/0606
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/40474
http://bugs.gentoo.org/show_bug.cgi?id=209915
http://docs.info.apple.com/article.html?artnum=307562
http://kolab.org/security/kolab-vendor-notice-19.txt
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html
http://secunia.com/advisories/28907
http://secunia.com/advisories/29001
http://secunia.com/advisories/29026
http://secunia.com/advisories/29048
http://secunia.com/advisories/29060
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200802-09.xml
http://sourceforge.net/project/shownotes.php?release_id=575703
http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088
http://www.vupen.com/english/advisories/2008/0503
http://www.vupen.com/english/advisories/2008/0606
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/40474