CVE-2006-1989

EPSS 4.5%

clamav - buffer overflow

Published: 5/1/2006Modified: 4/28/2026

Also known as:DEBIAN-CVE-2006-1989

Description

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

Affected packages (2)

Debian/clamavfrom 0, < 0.88.2
Debian/clamavfrom 0, < 0.84-2.sarge.9

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1989