Denial of Service Vulnerability in ClamAV's tnef_attachment Function
CVE-2005-3500 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.
Learn more about our Web Application Penetration Testing UK.