Описание
The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.90.1 (включая)
Одно из
cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
cpe:2.3:a:ifenslave:ifenslave:0.88:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02143
Низкий
7.1 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 18 лет назад
The chm_decompress_stream function in libclamav/chmunpack.c in Clam An ...
github
больше 3 лет назад
The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 84%
0.02143
Низкий
7.1 High
CVSS2
Дефекты
NVD-CWE-Other