Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
开源软件 ClamAV ENSURE_BITS 拒绝服务漏洞
Vulnerability Description
Clam AntiVirus一款开源的杀毒工具包。 Clam AntiVirus 0.83及其他0.86前的版本中mszipd.c的ENSURE_BITS宏存在拒绝服务漏洞。 通过特制的cab文件,将cffile_FolderOffset设置为0xff,将导致长度为0的读取,而ENSURE_BITS宏不能检查0长度读取,攻击者可利用此漏洞引起死循环,导致CPU资源消耗,形成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A