Unrated severityNVD Advisory· Published Jul 5, 2005· Updated Jun 16, 2026
CVE-2005-1923
CVE-2005-1923
Description
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.
Affected products
6cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
- (no CPE)range: <0.86
Patches
Vulnerability mechanics
References
2- www.idefense.com/application/poi/displaynvdPatchVendor Advisory
- www.debian.org/security/2005/dsa-737nvd
News mentions
0No linked articles in our index yet.