[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2012-03-29 5:05:03
Message-ID: 4F73ED7F.9090402 () redhat ! com
[Download RAW message or body]
On 03/28/2012 12:51 AM, Henri Salo wrote:
> Can I get 2007 CVE-identifier for "fix floating point exception when using ScanOLE2" \
> vulnerability:
> clamav (0.91.2-1) unstable; urgency=low
>
> * New upstream version
> - fix call to tolower() which led to a crash in libclamav
> - fix possible NULL dereference, e.g. when parsing email with RFC2397
> URI
> - fix floating point exception when using ScanOLE2
> - fix possible NULL dereference in rtf.c
>
> -- Stephen Gran <sgran@debian.org> Tue, 21 Aug 2007 11:17:01 +0100
>
> Different issue than CVE-2007-2650, which was fixed in 0.90.3
>
> http://security-tracker.debian.org/tracker/TEMP-0000000-6B8835
>
> Other issues have CVEs: CVE-2007-4510, CVE-2007-4560. I requested this CVE-identifier before, \
> but it did not get assigned.
> - Henri Salo
Please use CVE-2007-6745 for this issue.
--
Kurt Seifried Red Hat Security Response Team (SRT)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic