Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 28 Mar 2012 23:05:03 -0600

On 03/28/2012 12:51 AM, Henri Salo wrote:
Can I get 2007 CVE-identifier for "fix floating point exception when using ScanOLE2" vulnerability:

clamav (0.91.2-1) unstable; urgency=low

  * New upstream version
    - fix call to tolower() which led to a crash in libclamav
    - fix possible NULL dereference, e.g. when parsing email with RFC2397
      URI
    - fix floating point exception when using ScanOLE2
    - fix possible NULL dereference in rtf.c

 -- Stephen Gran <sgran () debian org>  Tue, 21 Aug 2007 11:17:01 +0100

Different issue than CVE-2007-2650, which was fixed in 0.90.3

http://security-tracker.debian.org/tracker/TEMP-0000000-6B8835

Other issues have CVEs: CVE-2007-4510, CVE-2007-4560. I requested this CVE-identifier before, but it did not get 
assigned.

- Henri Salo

Please use CVE-2007-6745 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault