ByteOS Network

Vulnerability Details :

CVE-2007-4510

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-23 Aug, 2007 | 19:00

Updated At-07 Aug, 2024 | 15:01

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:23 Aug, 2007 | 19:00

Updated At:07 Aug, 2024 | 15:01

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/36173	vdb-entry x_refsource_XF
http://security.gentoo.org/glsa/glsa-200709-14.xml	vendor-advisory x_refsource_GENTOO
http://secunia.com/advisories/26552	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/26822	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/26916	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/25398	vdb-entry x_refsource_BID
http://secunia.com/advisories/26683	third-party-advisory x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html	vendor-advisory x_refsource_FEDORA
http://www.debian.org/security/2007/dsa-1366	vendor-advisory x_refsource_DEBIAN
http://kolab.org/security/kolab-vendor-notice-17.txt	x_refsource_CONFIRM
http://securityreason.com/securityalert/3054	third-party-advisory x_refsource_SREASON
http://www.vupen.com/english/advisories/2008/0924/references	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/26530	third-party-advisory x_refsource_SECUNIA
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611	x_refsource_CONFIRM
http://www.trustix.org/errata/2007/0026/	vendor-advisory x_refsource_TRUSTIX
http://secunia.com/advisories/29420	third-party-advisory x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_18_sr.html	vendor-advisory x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	vendor-advisory x_refsource_APPLE
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582	x_refsource_CONFIRM
http://secunia.com/advisories/26751	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/26654	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/36177	vdb-entry x_refsource_XF
http://docs.info.apple.com/article.html?artnum=307562	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:172	vendor-advisory x_refsource_MANDRIVA
http://sourceforge.net/project/shownotes.php?release_id=533658	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/2952	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/26674	third-party-advisory x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36173

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://security.gentoo.org/glsa/glsa-200709-14.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://secunia.com/advisories/26552

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/26822

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/26916

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/bid/25398

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/26683

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.debian.org/security/2007/dsa-1366

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://kolab.org/security/kolab-vendor-notice-17.txt

Resource:

x_refsource_CONFIRM

Hyperlink: http://securityreason.com/securityalert/3054

Resource:

third-party-advisory

x_refsource_SREASON

Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/26530

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.trustix.org/errata/2007/0026/

Resource:

vendor-advisory

x_refsource_TRUSTIX

Hyperlink: http://secunia.com/advisories/29420

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.novell.com/linux/security/advisories/2007_18_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/26751

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/26654

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36177

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://docs.info.apple.com/article.html?artnum=307562

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:172

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=533658

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2007/2952

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/26674

Resource:

third-party-advisory

x_refsource_SECUNIA

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/36173	vdb-entry x_refsource_XF x_transferred
http://security.gentoo.org/glsa/glsa-200709-14.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://secunia.com/advisories/26552	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/26822	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/26916	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/bid/25398	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/26683	third-party-advisory x_refsource_SECUNIA x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.debian.org/security/2007/dsa-1366	vendor-advisory x_refsource_DEBIAN x_transferred
http://kolab.org/security/kolab-vendor-notice-17.txt	x_refsource_CONFIRM x_transferred
http://securityreason.com/securityalert/3054	third-party-advisory x_refsource_SREASON x_transferred
http://www.vupen.com/english/advisories/2008/0924/references	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/26530	third-party-advisory x_refsource_SECUNIA x_transferred
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611	x_refsource_CONFIRM x_transferred
http://www.trustix.org/errata/2007/0026/	vendor-advisory x_refsource_TRUSTIX x_transferred
http://secunia.com/advisories/29420	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.novell.com/linux/security/advisories/2007_18_sr.html	vendor-advisory x_refsource_SUSE x_transferred
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	vendor-advisory x_refsource_APPLE x_transferred
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/26751	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/26654	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/36177	vdb-entry x_refsource_XF x_transferred
http://docs.info.apple.com/article.html?artnum=307562	x_refsource_CONFIRM x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:172	vendor-advisory x_refsource_MANDRIVA x_transferred
http://sourceforge.net/project/shownotes.php?release_id=533658	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2007/2952	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/26674	third-party-advisory x_refsource_SECUNIA x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36173

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200709-14.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://secunia.com/advisories/26552

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/26822

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/26916

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securityfocus.com/bid/25398

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/26683

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://www.debian.org/security/2007/dsa-1366

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://kolab.org/security/kolab-vendor-notice-17.txt

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://securityreason.com/securityalert/3054

Resource:

third-party-advisory

x_refsource_SREASON

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/26530

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.trustix.org/errata/2007/0026/

Resource:

vendor-advisory

x_refsource_TRUSTIX

x_transferred

Hyperlink: http://secunia.com/advisories/29420

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.novell.com/linux/security/advisories/2007_18_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/26751

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/26654

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36177

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://docs.info.apple.com/article.html?artnum=307562

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:172

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=533658

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/2952

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/26674

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:23 Aug, 2007 | 19:17

Updated At:29 Jul, 2017 | 01:32

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:N/A:P

CPE Matches

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://docs.info.apple.com/article.html?artnum=307562	cve@mitre.org	N/A
http://kolab.org/security/kolab-vendor-notice-17.txt	cve@mitre.org	N/A
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html	cve@mitre.org	N/A
http://secunia.com/advisories/26530	cve@mitre.org	Patch Vendor Advisory
http://secunia.com/advisories/26552	cve@mitre.org	Patch Vendor Advisory
http://secunia.com/advisories/26654	cve@mitre.org	N/A
http://secunia.com/advisories/26674	cve@mitre.org	N/A
http://secunia.com/advisories/26683	cve@mitre.org	N/A
http://secunia.com/advisories/26751	cve@mitre.org	N/A
http://secunia.com/advisories/26822	cve@mitre.org	N/A
http://secunia.com/advisories/26916	cve@mitre.org	N/A
http://secunia.com/advisories/29420	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200709-14.xml	cve@mitre.org	N/A
http://securityreason.com/securityalert/3054	cve@mitre.org	N/A
http://sourceforge.net/project/shownotes.php?release_id=533658	cve@mitre.org	N/A
http://www.debian.org/security/2007/dsa-1366	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:172	cve@mitre.org	N/A
http://www.novell.com/linux/security/advisories/2007_18_sr.html	cve@mitre.org	N/A
http://www.securityfocus.com/bid/25398	cve@mitre.org	Patch
http://www.trustix.org/errata/2007/0026/	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/2952	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2008/0924/references	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36173	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36177	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html	cve@mitre.org	N/A
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582	cve@mitre.org	N/A
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611	cve@mitre.org	N/A

Hyperlink: http://docs.info.apple.com/article.html?artnum=307562

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://kolab.org/security/kolab-vendor-notice-17.txt

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26530

Source: cve@mitre.org

Resource:

Patch

Vendor Advisory

Hyperlink: http://secunia.com/advisories/26552

Source: cve@mitre.org

Resource:

Patch

Vendor Advisory

Hyperlink: http://secunia.com/advisories/26654

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26674

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26683

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26751

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26822

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26916

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/29420

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200709-14.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://securityreason.com/securityalert/3054

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=533658

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.debian.org/security/2007/dsa-1366

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:172

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.novell.com/linux/security/advisories/2007_18_sr.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/25398

Source: cve@mitre.org

Resource:

Patch

Hyperlink: http://www.trustix.org/errata/2007/0026/

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/2952

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2008/0924/references

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36173

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36177

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611

Source: cve@mitre.org

Resource: N/A

Similar CVEs

4Records found

CVE-2008-1387

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-6.51% / 90.72%

7 Day CHG~0.00%

Published-16 Apr, 2008 | 16:00

Updated-07 Aug, 2024 | 08:17

ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

Vendor-clam_anti-virus n/a

Product-clamav n/a

CVE-2008-1836

Matching Score-8

Assigner-Red Hat, Inc.

View Details

Matching Score-8

Assigner-Red Hat, Inc.

CVSS Score-4.3||MEDIUM

EPSS-5.43% / 89.78%

7 Day CHG~0.00%

Published-16 Apr, 2008 | 16:00

Updated-07 Aug, 2024 | 08:40

The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

Vendor-clam_anti-virus n/a

Product-clamav n/a

CVE-2007-3725

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-19.07% / 95.10%

7 Day CHG~0.00%

Published-12 Jul, 2007 | 16:00

Updated-07 Aug, 2024 | 14:28

The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.

Vendor-clam_anti-virus n/a

Product-clamav n/a

CVE-2008-5314

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-26.69% / 96.15%

7 Day CHG~0.00%

Published-03 Dec, 2008 | 17:00

Updated-07 Aug, 2024 | 10:49

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

Vendor-clam_anti-virus n/a

Product-clamav n/a

CWE ID-CWE-399

Not Available

CVE-2007-4510

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs