CVE-2007-4510

Published: Aug 23, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

Affected (8)

Products: Clam Anti Virus: Clamav · Kolab: Kolab Server

Clam Anti Virus

1 product

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Clam Anti Virus Clamav	Up to 0.91.2
Kolab Kolab Server	Version 2.0.1
Kolab Kolab Server	Version 2.0.2
Kolab Kolab Server	Version 2.0.3
Kolab Kolab Server	Version 2.0.4
Kolab Kolab Server	Version 2.0
Kolab Kolab Server	Version 2.1
Kolab Kolab Server	Version 2.2beta1

References (54)

http://docs.info.apple.com/article.html?artnum=307562

Source: cve@mitre.org

http://kolab.org/security/kolab-vendor-notice-17.txt

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: cve@mitre.org

http://secunia.com/advisories/26530

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/26552

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/26654

Source: cve@mitre.org

http://secunia.com/advisories/26674

Source: cve@mitre.org

http://secunia.com/advisories/26683

Source: cve@mitre.org

http://secunia.com/advisories/26751

Source: cve@mitre.org

http://secunia.com/advisories/26822

Source: cve@mitre.org

http://secunia.com/advisories/26916

Source: cve@mitre.org

http://secunia.com/advisories/29420

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200709-14.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/3054

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=533658

Source: cve@mitre.org

http://www.debian.org/security/2007/dsa-1366

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2007:172

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2007_18_sr.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/25398

Source: cve@mitre.org

Patch

http://www.trustix.org/errata/2007/0026/

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2952

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0924/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36173

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36177

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html

Source: cve@mitre.org

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582

Source: cve@mitre.org

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611

Source: cve@mitre.org

http://docs.info.apple.com/article.html?artnum=307562

Source: af854a3a-2127-422b-91ae-364da2661108

http://kolab.org/security/kolab-vendor-notice-17.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26530

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/26552

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/26654

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26674

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26683

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26751

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26822

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26916

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/29420

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200709-14.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/3054

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/project/shownotes.php?release_id=533658

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2007/dsa-1366

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2007:172

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2007_18_sr.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/25398

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.trustix.org/errata/2007/0026/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/2952

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/0924/references

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/36173

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/36177

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=582

Source: af854a3a-2127-422b-91ae-364da2661108

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=611

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.