oss-sec mailing list archives
Re: CVE-request: clamav floating point exception in OLE2 scanner DoS (2007)
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 28 Mar 2012 23:05:03 -0600
On 03/28/2012 12:51 AM, Henri Salo wrote:
Can I get 2007 CVE-identifier for "fix floating point exception when using ScanOLE2" vulnerability: clamav (0.91.2-1) unstable; urgency=low * New upstream version - fix call to tolower() which led to a crash in libclamav - fix possible NULL dereference, e.g. when parsing email with RFC2397 URI - fix floating point exception when using ScanOLE2 - fix possible NULL dereference in rtf.c -- Stephen Gran <sgran () debian org> Tue, 21 Aug 2007 11:17:01 +0100 Different issue than CVE-2007-2650, which was fixed in 0.90.3 http://security-tracker.debian.org/tracker/TEMP-0000000-6B8835 Other issues have CVEs: CVE-2007-4510, CVE-2007-4560. I requested this CVE-identifier before, but it did not get assigned. - Henri Salo
Please use CVE-2007-6745 for this issue. -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- CVE-request: clamav floating point exception in OLE2 scanner DoS (2007) Henri Salo (Mar 27)
- Re: CVE-request: clamav floating point exception in OLE2 scanner DoS (2007) Kurt Seifried (Mar 28)