ClamAV 'cli_check_jpeg_exploit' Function Malformed JPEG File Remote Denial Of Service Vulnerability

Bugtraq ID:	32555
Class:	Boundary Condition Error
CVE:	CVE-2008-5314
Remote:	Yes
Local:	No
Published:	Dec 01 2008 12:00AM
Updated:	Feb 13 2009 03:38PM
Credit:	Ilja Van Sprundel
Vulnerable:	Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 SuSE SUSE Linux Enterprise Server 9 SuSE SUSE Linux Enterprise Server 10 SuSE Linux 11 SuSE Linux 10.3 Mandriva Linux Mandrake 2009.0 x86_64 Mandriva Linux Mandrake 2009.0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Kolab Kolab Groupware Server 2.2 Kolab Kolab Groupware Server 2.1 Kolab Kolab Groupware Server 2.0.4 Kolab Kolab Groupware Server 2.0.3 Kolab Kolab Groupware Server 2.0.2 Kolab Kolab Groupware Server 2.0.1 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Clam Anti-Virus ClamAV 0.94.1 Clam Anti-Virus ClamAV 0.93.1 Clam Anti-Virus ClamAV 0.94 Clam Anti-Virus ClamAV 0.93 Apple Mac OS X Server 10.5.6 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.11

Not Vulnerable:	Clam Anti-Virus ClamAV 0.94.2