High severity7.5NVD Advisory· Published Feb 16, 2007· Updated Apr 23, 2026
CVE-2007-0897
CVE-2007-0897
Description
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
Affected products
3- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- secunia.com/advisories/24187nvdBroken LinkPatchVendor Advisory
- www.securityfocus.com/bid/22580nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvdBroken LinkVendor Advisory
- secunia.com/advisories/24183nvdBroken LinkVendor Advisory
- secunia.com/advisories/24192nvdBroken LinkVendor Advisory
- secunia.com/advisories/24319nvdBroken LinkVendor Advisory
- secunia.com/advisories/24332nvdBroken LinkVendor Advisory
- secunia.com/advisories/24425nvdBroken LinkVendor Advisory
- security.gentoo.org/glsa/glsa-200703-03.xmlnvdThird Party Advisory
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/32531nvdThird Party AdvisoryVDB Entry
- docs.info.apple.com/article.htmlnvdBroken Link
- lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlnvdMailing List
- lists.suse.com/archive/suse-security-announce/2007-Feb/0004.htmlnvdBroken Link
- osvdb.org/32283nvdBroken Link
- secunia.com/advisories/29420nvdBroken Link
- www.debian.org/security/2007/dsa-1263nvdMailing List
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.vupen.com/english/advisories/2007/0623nvdBroken Link
- www.vupen.com/english/advisories/2008/0924/referencesnvdBroken Link
News mentions
0No linked articles in our index yet.