Unrated severityNVD Advisory· Published Aug 3, 2005· Updated Apr 16, 2026

CVE-2005-2450

Description

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.

Affected products

ClamAV/Clamav3 versions
cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*
- cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sourceforge.net/project/shownotes.phpnvdPatch
distro.conectiva.com.br/atualizacoes/nvd
marc.infonvd
secunia.com/advisories/16180nvd
secunia.com/advisories/16229nvd
secunia.com/advisories/16250nvd
secunia.com/advisories/16296nvd
secunia.com/advisories/16458nvd
security.gentoo.org/glsa/glsa-200507-25.xmlnvd
www.novell.com/linux/security/advisories/2005_18_sr.htmlnvd
www.osvdb.org/18257nvd
www.osvdb.org/18258nvd
www.osvdb.org/18259nvd
www.securityfocus.com/bid/14359nvd
exchange.xforce.ibmcloud.com/vulnerabilities/21555nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000