Mandriva Linux Security Advisory - An integer overflow vulnerability was reported by iDefense with clamav when parsing Portable Executable (PE) files packed in he MEW format. This could be exploited to cause a heap-based buffer overflow. Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files. As well, an unspecified vulnerability related to the bzip2 decompression algorithm was also discovered.
37b9a19cb61c4a301b58ab8777a496aecba98b36f31673396fda65b345441908Gentoo Linux Security Advisory GLSA 200712-20 - iDefense reported an integer overflow vulnerability in the cli_scanpe() function when parsing Portable Executable (PE) files packed in the MEW format, that could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). An unspecified vulnerability related to the bzip2 decompression algorithm has also been discovered (CVE-2007-6337). Versions less than 0.91.2-r1 are affected.
e3b7501c28f682a4dae876bbf5d70640402854f24b4eafc3f39148e015a7fbba
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed