VYPR
Unrated severityNVD Advisory· Published Jul 5, 2005· Updated Jun 16, 2026

CVE-2005-1923

CVE-2005-1923

Description

The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.

Affected products

6
  • ClamAV/Clamav6 versions
    cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*
    • cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
    • cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
    • (no CPE)range: <0.86

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.