Description
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000069
Various Sources x_refsource_misc
http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26463
Scores
EPSS
0.0259
EPSS Percentile
83.4%
Details
CWE
CWE-94
Status
published
Products (2)
clam_anti-virus/clamav
0.91.1
clam_anti-virus/clamav
0.91.2
Published
Nov 20, 2007
Tracked Since
Feb 18, 2026