Rule

--
Sid
17602

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in clamav.

--
Impact:
Denial of Service.   

--
Detailed Information:
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

--
Affected Systems:
clam anti-virus clamav 0.11
clam anti-virus clamav 0.12
clam anti-virus clamav 0.13
clam anti-virus clamav 0.14
clam anti-virus clamav 0.15
clam anti-virus clamav 0.20
clam anti-virus clamav 0.21
clam anti-virus clamav 0.22
clam anti-virus clamav 0.23
clam anti-virus clamav 0.24
clam anti-virus clamav 0.51
clam anti-virus clamav 0.52
clam anti-virus clamav 0.53
clam anti-virus clamav 0.54
clam anti-virus clamav 0.60
clam anti-virus clamav 0.60p
clam anti-virus clamav 0.65
clam anti-virus clamav 0.67
clam anti-virus clamav 0.68
clam anti-virus clamav 0.68.1
clam anti-virus clamav 0.70
clam anti-virus clamav 0.71
clam anti-virus clamav 0.72
clam anti-virus clamav 0.73
clam anti-virus clamav 0.74
clam anti-virus clamav 0.75
clam anti-virus clamav 0.75.1
clam anti-virus clamav 0.80
clam anti-virus clamav 0.80
clam anti-virus clamav 0.80
clam anti-virus clamav 0.80
clam anti-virus clamav 0.81
clam anti-virus clamav 0.82
clam anti-virus clamav 0.83
clam anti-virus clamav 0.84
clam anti-virus clamav 0.84
clam anti-virus clamav 0.85
clam anti-virus clamav 0.85.1
clam anti-virus clamav 0.86
clam anti-virus clamav 0.86.1
clam anti-virus clamav 0.86.2
clam anti-virus clamav 0.87
clam anti-virus clamav 0.87.1
clam anti-virus clamav 0.88
clam anti-virus clamav 0.88.1
clam anti-virus clamav 0.88.2
clam anti-virus clamav 0.88.3
clam anti-virus clamav 0.88.4
clam anti-virus clamav 0.88.5
clam anti-virus clamav 0.88.6
clam anti-virus clamav 0.88.7
clam anti-virus clamav 0.90
clam anti-virus clamav 0.90.1
clam anti-virus clamav 0.90.2
clam anti-virus clamav 0.90.3
clam anti-virus clamav 0.91
clam anti-virus clamav 0.91.1
clam anti-virus clamav 0.91.2
clam anti-virus clamav 0.92
clam anti-virus clamav 0.92.1
clam anti-virus clamav 0.93
clam anti-virus clamav 0.93.1
clam anti-virus clamav 0.93.3

--
Attack Scenarios:


--
Ease of Attack:
Medium.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
For more information see http://nvd.nist.gov/

--
Additional References:

NIST CVE-2008-1389:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1389
  
--
