267246 – (CVE-2009-1372) <app-antivirus/clamav-0.95.1 Stack-based buffer overflow in libclamav/phishcheck.c (CVE-2009-1372)

Bug 267246 (CVE-2009-1372) - <app-antivirus/clamav-0.95.1 Stack-based buffer overflow in libclamav/phishcheck.c (CVE-2009-1372)

Summary: <app-antivirus/clamav-0.95.1 Stack-based buffer overflow in libclamav/phishch...

Status:	RESOLVED DUPLICATE of bug 265545

Alias:	CVE-2009-1372

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	https://wwws.clamav.net/bugzilla/show...
Whiteboard:	B2 [stable]
Keywords:

Depends on:
Blocks:

Reported:	2009-04-23 16:47 UTC by Stefan Behte (RETIRED)
Modified:	2009-04-23 16:48 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Behte (RETIRED) gentoo-dev

2009-04-23 16:47:57 UTC

CVE-2009-1372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1372):
  Stack-based buffer overflow in the cli_url_canon function in
  libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote
  attackers to cause a denial of service (application crash) and
  possibly execute arbitrary code via a crafted URL.

Comment 1 Stefan Behte (RETIRED) gentoo-dev

2009-04-23 16:48:44 UTC


*** This bug has been marked as a duplicate of bug 265545 ***