CVE-2005-1922

EPSS 0.74%

clamav - denial of service and privilege escalation

Published: 7/5/2005Modified: 4/28/2026

Description

The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.

Affected packages (3)

Debian/clamavfrom 0, < 0.86.1-1
Debian/clamavfrom 0, < 0.84-2.sarge.1
Debian/clamavfrom 0, < 0.86.2-4etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-1922