Vulnerability Description
The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clam Anti-Virus | Clamav | 0.81 |
References
- http://sourceforge.net/project/shownotes.php?release_id=336462Patch
- http://www.debian.org/security/2005/dsa-737
- http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flasPatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=336462Patch
- http://www.debian.org/security/2005/dsa-737
- http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flasPatchVendor Advisory
FAQ
What is CVE-2005-1922?
CVE-2005-1922 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated...
How severe is CVE-2005-1922?
CVE-2005-1922 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1922?
Check the references section above for vendor advisories and patch information. Affected products include: Clam Anti-Virus Clamav.