cpe:/a:clam_anti-virus:clamav:0.92 CVE-2008-0318 2008-02-12T15:00:00.000-05:00 2011-03-07T00:00:00.000-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-02-12T15:44:00.000-05:00 ALLOWS_ADMIN_ACCESS SECTRACK 1019394 IDEFENSE 20080212 ClamAV libclamav PE File Integer Overflow Vulnerability BID 27751 SECUNIA 28907 SECUNIA 28913 SECUNIA 28949 SECUNIA 29001 SECUNIA 29026 SECUNIA 29048 SECUNIA 29060 SECUNIA 29420 VUPEN ADV-2008-0503 VUPEN ADV-2008-0606 VUPEN ADV-2008-0924 APPLE APPLE-SA-2008-03-18 DEBIAN DSA-1497 FEDORA FEDORA-2008-1608 FEDORA FEDORA-2008-1625 GENTOO GLSA-200802-09 MANDRIVA MDVSA-2008:088 SUSE SUSE-SR:2008:004 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=209915 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 CONFIRM http://kolab.org/security/kolab-vendor-notice-19.txt CONFIRM http://sourceforge.net/project/shownotes.php?release_id=575703 CONFIRM http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.