CVE-2007-1745

EPSS 2.8%

clamav - several vulnerabilities

Published: 4/16/2007Modified: 4/28/2026

Description

The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.

Affected packages (3)

Debian/clamavfrom 0, < 0.90.2-1
Debian/clamavfrom 0, < 0.84-2.sarge.16
Debian/clamavfrom 0, < 0.90.1-3lenny2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-1745