CVE-2008-6845

EUVD-2008-6805
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
clamavclamav
𝑥
≤ 0.93.3
clamavclamav
0.01
clamavclamav
0.02
clamavclamav
0.3
clamavclamav
0.03
clamavclamav
0.05
clamavclamav
0.10
clamavclamav
0.12
clamavclamav
0.13
clamavclamav
0.14:pre
clamavclamav
0.15
clamavclamav
0.20
clamavclamav
0.21
clamavclamav
0.22
clamavclamav
0.23
clamavclamav
0.24
clamavclamav
0.51
clamavclamav
0.52
clamavclamav
0.53
clamavclamav
0.54
clamavclamav
0.60
clamavclamav
0.60p:p
clamavclamav
0.65
clamavclamav
0.66
clamavclamav
0.67
clamavclamav
0.67-1
clamavclamav
0.68
clamavclamav
0.68.1
clamavclamav
0.70
clamavclamav
0.70:rc
clamavclamav
0.71
clamavclamav
0.72
clamavclamav
0.73
clamavclamav
0.74
clamavclamav
0.75
clamavclamav
0.75.1
clamavclamav
0.80
clamavclamav
0.80:rc4
clamavclamav
0.81
clamavclamav
0.82
clamavclamav
0.83
clamavclamav
0.84
clamavclamav
0.85
clamavclamav
0.85.1
clamavclamav
0.86
clamavclamav
0.86.1
clamavclamav
0.86.2
clamavclamav
0.87
clamavclamav
0.87.1
clamavclamav
0.88
clamavclamav
0.88.1
clamavclamav
0.88.2
clamavclamav
0.88.3
clamavclamav
0.88.4
clamavclamav
0.88.5
clamavclamav
0.88.6
clamavclamav
0.88.7
clamavclamav
0.88.7_p0:_p0
clamavclamav
0.88.7_p1:_p1
clamavclamav
0.90
clamavclamav
0.90.1
clamavclamav
0.90.1_p0:_p0
clamavclamav
0.90.2
clamavclamav
0.90.2_p0:_p0
clamavclamav
0.90.3
clamavclamav
0.90.3_p0:_p0
clamavclamav
0.90.3_p1:_p1
clamavclamav
0.91
clamavclamav
0.91.1
clamavclamav
0.91.2
clamavclamav
0.91.2_p0:_p0
clamavclamav
0.92
clamavclamav
0.92.1
clamavclamav
0.92_p0:_p0
clamavclamav
0.93
clamavclamav
0.93.1
clamavclamav
0.93.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
clamav
bookworm
1.0.5+dfsg-1~deb12u1
fixed
bullseye
0.103.10+dfsg-0+deb11u1
fixed
etch
no-dsa
sid
1.4.1+dfsg-1
fixed
trixie
1.4.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
clamav
dapper
Fixed 0.94.dfsg.2-1ubuntu0.3~dapper2
released
hardy
Fixed 0.94.dfsg.2-1ubuntu0.3~hardy4
released
intrepid
Fixed 0.94.dfsg.2-1ubuntu0.5
released
jaunty
Fixed 0.95.3+dfsg-1ubuntu0.09.04
released
karmic
Fixed 0.95.3+dfsg-1ubuntu0.09.10
released
References
http://osvdb.org/51963
http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html
http://www.securityfocus.com/archive/1/499078/100/0/threaded
http://www.securityfocus.com/bid/32752
http://osvdb.org/51963
http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html
http://www.securityfocus.com/archive/1/499078/100/0/threaded
http://www.securityfocus.com/bid/32752