Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-0898
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-16 Feb, 2007 | 19:28
Updated At-29 Jul, 2017 | 01:30

Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.4MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
CPE Matches
clam_anti-virus
clam_anti-virus
>>clamav>>Versions up to 0.88.6(inclusive)
cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.15
cpe:2.3:a:clam_anti-virus:clamav:0.15:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.20
cpe:2.3:a:clam_anti-virus:clamav:0.20:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.21
cpe:2.3:a:clam_anti-virus:clamav:0.21:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.22
cpe:2.3:a:clam_anti-virus:clamav:0.22:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.23
cpe:2.3:a:clam_anti-virus:clamav:0.23:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.24
cpe:2.3:a:clam_anti-virus:clamav:0.24:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.51
cpe:2.3:a:clam_anti-virus:clamav:0.51:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.52
cpe:2.3:a:clam_anti-virus:clamav:0.52:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.53
cpe:2.3:a:clam_anti-virus:clamav:0.53:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.54
cpe:2.3:a:clam_anti-virus:clamav:0.54:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.60
cpe:2.3:a:clam_anti-virus:clamav:0.60:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.60p
cpe:2.3:a:clam_anti-virus:clamav:0.60p:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.65
cpe:2.3:a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.67
cpe:2.3:a:clam_anti-virus:clamav:0.67:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.68
cpe:2.3:a:clam_anti-virus:clamav:0.68:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.68.1
cpe:2.3:a:clam_anti-virus:clamav:0.68.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.70
cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.71
cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.72
cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.73
cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.74
cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.75
cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.75.1
cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.80
cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.80_rc1
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.80_rc2
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.80_rc3
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.80_rc4
cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.81
cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.81_rc1
cpe:2.3:a:clam_anti-virus:clamav:0.81_rc1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.82
cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.83
cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.84
cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.84_rc1
cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.84_rc2
cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.85
cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.85.1
cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.86
cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.86.1
cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.86.2
cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.86_rc1
cpe:2.3:a:clam_anti-virus:clamav:0.86_rc1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.87
cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.87.1
cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.88
cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.88.1
cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.88.3
cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:*
clam_anti-virus
clam_anti-virus
>>clamav>>0.88.4
cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

This vulnerability is addressed in the following product release: Clam Anti-Virus, ClamAV, 0.90

Vendor Statements
References
HyperlinkSourceResource
http://docs.info.apple.com/article.html?artnum=307562cve@mitre.org
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=476cve@mitre.org
Patch
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlcve@mitre.org
N/A
http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.htmlcve@mitre.org
N/A
http://osvdb.org/32282cve@mitre.org
N/A
http://secunia.com/advisories/24183cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24187cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/24192cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24319cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24332cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24425cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/29420cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200703-03.xmlcve@mitre.org
N/A
http://www.debian.org/security/2007/dsa-1263cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:043cve@mitre.org
N/A
http://www.securityfocus.com/bid/22581cve@mitre.org
Patch
http://www.securitytracker.com/id?1017660cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/0623cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2008/0924/referencescve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/32535cve@mitre.org
N/A
Change History
0Changes found
Details not found