CVE-2007-6029

Published: Nov 20, 2007Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

Affected (2)

Products: Clam Anti Virus: Clamav

Clam Anti Virus

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Clam Anti Virus Clamav	Version 0.91.1
Clam Anti Virus Clamav	Version 0.91.2

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (6)

http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.html

Source: cve@mitre.org

http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000069

Source: cve@mitre.org

http://www.securityfocus.com/bid/26463

Source: cve@mitre.org

http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000069

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26463

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.