CVE-2007-2650
Summary
| CVE | CVE-2007-2650 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-05-14 21:19:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
PartialAV:N/AC:M/Au:N/C:N/I:N/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Clamav | Clamav | All | All | All | All |
| Operating System | Debian | Debian Linux | 3.1 | All | All | All |
| Operating System | Debian | Debian Linux | 4.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Not Found | af854a3a-2127-422b-91ae-364da2661108 | lurker.clamav.net | Broken Link |
| Trustix update for clamav - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| ClamAV: Multiple Denials of Service — Gentoo Linux Documentation | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | Third Party Advisory |
| www.trustix.org/errata/2007/0020 | af854a3a-2127-422b-91ae-364da2661108 | www.trustix.org | Broken Link |
| Debian update for clamav - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| Kolab Server ClamAV Denial of Service - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| Mandriva update for clamav - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| Clam AntiVirus ClamAV OLE2 Parser Remote Denial Of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| 404 Not Found | af854a3a-2127-422b-91ae-364da2661108 | kolab.org | Broken Link |
| Support / Security / Advisories / / MDKSA-2007:115 | Mandriva | af854a3a-2127-422b-91ae-364da2661108 | www.mandriva.com | Third Party Advisory |
| Security Announcement | af854a3a-2127-422b-91ae-364da2661108 | www.novell.com | Third Party Advisory |
| Debian -- Security Information -- DSA-1320-1 clamav | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| ClamAV Multiple Vulnerabilities - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Third Party Advisory |
| Gmane -- Mail To News And Back Again | af854a3a-2127-422b-91ae-364da2661108 | article.gmane.org | Broken Link |
| svn.clamav.net/svn/clamav-devel/trunk/ChangeLog | af854a3a-2127-422b-91ae-364da2661108 | svn.clamav.net | Broken Link |
| Gentoo update for clamav - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| SUSE update for clamav - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Third Party Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Permissions Required |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.