← Back

CVE-2005-1923

nvd nist
Published: Jul 5, 2005Modified: Apr 16, 2026

JSON object

Loading...
2.6
Vector
AV:N/AC:H/Au:N/C:N/I:N/A:P
Exploitability: 4.9 / Impact: 2.9
Source: NVD

Description

The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.

Affected (5)

Clam Anti Virus
1 product
Clamav
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Clam Anti Virus
Clamav
Version 0.83
Clamav
Version 0.84_rc1
Clamav
Version 0.84_rc2
Clamav
Version 0.85.1
Clamav
Version 0.85

References (4)

Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.