漏洞信息(CVE-2008-1100)

一、漏洞 CVE-2008-1100 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在 libclamav (libclamav/pe.c) 中的 cli_scanpe 函数中，缓冲区溢出可能导致远程攻击者通过创建的 Upack PE 文件执行任意代码。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

ClamAV缓冲区溢出漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

ClamAV（Clam AntiVirus）是Clamav团队的一套免费且开源的杀毒软件。该软件用于检测木马、病毒、恶意软件和其他恶意威胁。 ClamAV存在缓冲区溢出漏洞，如果杀毒软件检测到了恶意的Upack文件时就会触发这个溢出，导致执行任意指令。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

授权问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2008-1100 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2008-1100 的情报信息

http://kolab.org/security/kolab-vendor-notice-20.txt x_refsource_CONFIRM
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878 x_refsource_CONFIRM
http://secunia.com/secunia_research/2008-11/advisory/ x_refsource_MISC
http://www.securityfocus.com/bid/28756 vdb-entry x_refsource_BID
http://secunia.com/advisories/30253 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29886 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30328 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29863 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29975 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31882 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/28784 vdb-entry x_refsource_BID
http://secunia.com/advisories/29891 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/29000 third-party-advisory x_refsource_SECUNIA
http://www.securitytracker.com/id?1019837 vdb-entry x_refsource_SECTRACK
http://www.debian.org/security/2008/dsa-1549 vendor-advisory x_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/858595 third-party-advisory x_refsource_CERT-VN
http://www.us-cert.gov/cas/techalerts/TA08-260A.html third-party-advisory x_refsource_CERT
http://www.vupen.com/english/advisories/2008/2584 vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/1218/references vdb-entry x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200805-19.xml vendor-advisory x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 vendor-advisory x_refsource_MANDRIVA
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html vendor-advisory x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html vendor-advisory x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html vendor-advisory x_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html vendor-advisory x_refsource_FEDORA
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html vendor-advisory x_refsource_APPLE
http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html vendor-advisory x_refsource_SUSE
https://exchange.xforce.ibmcloud.com/vulnerabilities/41789 vdb-entry x_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-1100

一、 漏洞 CVE-2008-1100 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2008-1100 的公开POC

三、漏洞 CVE-2008-1100 的情报信息

一、漏洞 CVE-2008-1100 基础信息