Unrated severityNVD Advisory· Published Apr 16, 2007· Updated Apr 23, 2026

CVE-2007-1745

Description

The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.

Affected products

ClamAV/Clamav
cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
Range: <=0.90.1
Ifenslave/Ifenslave
cpe:2.3:a:ifenslave:ifenslave:0.88:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24891nvdVendor Advisory
docs.info.apple.com/article.htmlnvd
lists.apple.com/archives/security-announce/2008/Mar/msg00001.htmlnvd
osvdb.org/34913nvd
secunia.com/advisories/24920nvd
secunia.com/advisories/24946nvd
secunia.com/advisories/24996nvd
secunia.com/advisories/25022nvd
secunia.com/advisories/25028nvd
secunia.com/advisories/25189nvd
secunia.com/advisories/29420nvd
security.gentoo.org/glsa/glsa-200704-21.xmlnvd
sourceforge.net/project/shownotes.phpnvd
support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.htmlnvd
www.debian.org/security/2007/dsa-1281nvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2007_26_clamav.htmlnvd
www.securityfocus.com/bid/23473nvd
www.trustix.org/errata/2007/0013/nvd
www.vupen.com/english/advisories/2007/1378nvd
www.vupen.com/english/advisories/2008/0924/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/33636nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000