[VIM] ClamAV MEW/PE dupes - CVE-2007-5759 / CVE-2007-6335

Steven M. Christey coley at mitre.org
Thu Dec 20 00:52:58 UTC 2007

FYI, iDefense used CVE-2007-5759 but ClamAV later acquired
CVE-2007-6335 independently.  The VDB's are using 5759, but Debian
inherited 6335, so I'm going with 6335 instead... sorry.

- Steve

Name: CVE-2007-5759
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759

** REJECT **

DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2007-6335.  Reason:
This candidate is a duplicate of CVE-2007-6335.  Notes: All CVE users
should reference CVE-2007-6335 instead of this candidate.  All
references and descriptions in this candidate have been removed to
prevent accidental usage.

Name: CVE-2007-6335
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335
Reference: IDEFENSE:20071218 ClamAV libclamav MEW PE File Integer Overflow Vulnerability
Reference: URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634
Reference: DEBIAN:DSA-1435
Reference: URL:http://www.debian.org/security/2007/dsa-1435
Reference: SECUNIA:28117
Reference: URL:http://secunia.com/advisories/28117

Integer overflow in libclamav in ClamAV before 0.92 allows remote
attackers to execute arbitrary code via a crafted MEW packed PE file,
which triggers a heap-based buffer overflow.

More information about the VIM mailing list