CVE-2011-3627

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-3627
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html
http://secunia.com/advisories/46717 Vendor Advisory
http://secunia.com/advisories/46826 Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/10/18/1
http://www.securityfocus.com/bid/50183
http://www.ubuntu.com/usn/USN-1258-1
https://bugzilla.redhat.com/show_bug.cgi?id=746984
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.96.5:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.97:*:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.97:rc:*:*:*:*:*:*
cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*
History

13 Feb 2023, 01:21

Type Values Removed Values Added
References
  • {'url': 'http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=3d664817f6ef833a17414a4ecea42004c35cc42f', 'name': 'http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=3d664817f6ef833a17414a4ecea42004c35cc42f', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • (MISC) http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f -
Information

Published : 2011-11-17 19:55

Updated : 2023-12-10 11:03

NVD link : CVE-2011-3627

Mitre link : CVE-2011-3627

CVE.ORG link : CVE-2011-3627

JSON object : View

Products Affected

clamav

  • clamav
CWE
CWE-189

Numeric Errors