CVE-2006-1615 - Vulnerability Details

Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Clamav	Clamav

Configuration 1 [-]

OR	cpe:2.3:a:clamav:clamav::::::::
	cpe:2.3:a:clamav:clamav:0.01:::::::*
	cpe:2.3:a:clamav:clamav:0.02:::::::*
	cpe:2.3:a:clamav:clamav:0.3:::::::*
	cpe:2.3:a:clamav:clamav:0.03:::::::*
	cpe:2.3:a:clamav:clamav:0.05:::::::*
	cpe:2.3:a:clamav:clamav:0.8:rc3::::::
	cpe:2.3:a:clamav:clamav:0.10:::::::*
	cpe:2.3:a:clamav:clamav:0.12:::::::*
	cpe:2.3:a:clamav:clamav:0.13:::::::*
	cpe:2.3:a:clamav:clamav:0.14:::::::*
	cpe:2.3:a:clamav:clamav:0.14:pre::::::
	cpe:2.3:a:clamav:clamav:0.15:::::::*
	cpe:2.3:a:clamav:clamav:0.20:::::::*
	cpe:2.3:a:clamav:clamav:0.21:::::::*
	cpe:2.3:a:clamav:clamav:0.22:::::::*
	cpe:2.3:a:clamav:clamav:0.23:::::::*
	cpe:2.3:a:clamav:clamav:0.24:::::::*
	cpe:2.3:a:clamav:clamav:0.51:::::::*
	cpe:2.3:a:clamav:clamav:0.52:::::::*
	cpe:2.3:a:clamav:clamav:0.53:::::::*
	cpe:2.3:a:clamav:clamav:0.54:::::::*
	cpe:2.3:a:clamav:clamav:0.60:::::::*
	cpe:2.3:a:clamav:clamav:0.60p:::::::*
	cpe:2.3:a:clamav:clamav:0.65:::::::*
	cpe:2.3:a:clamav:clamav:0.66:::::::*
	cpe:2.3:a:clamav:clamav:0.67:::::::*
	cpe:2.3:a:clamav:clamav:0.67-1:::::::*
	cpe:2.3:a:clamav:clamav:0.68:::::::*
	cpe:2.3:a:clamav:clamav:0.68.1:::::::*
	cpe:2.3:a:clamav:clamav:0.70:::::::*
	cpe:2.3:a:clamav:clamav:0.70:rc::::::
	cpe:2.3:a:clamav:clamav:0.71:::::::*
	cpe:2.3:a:clamav:clamav:0.72:::::::*
	cpe:2.3:a:clamav:clamav:0.73:::::::*
	cpe:2.3:a:clamav:clamav:0.74:::::::*
	cpe:2.3:a:clamav:clamav:0.75:::::::*
	cpe:2.3:a:clamav:clamav:0.75.1:::::::*
	cpe:2.3:a:clamav:clamav:0.80:::::::*
	cpe:2.3:a:clamav:clamav:0.80:rc::::::
	cpe:2.3:a:clamav:clamav:0.80:rc1::::::
	cpe:2.3:a:clamav:clamav:0.80:rc2::::::
	cpe:2.3:a:clamav:clamav:0.80:rc3::::::
	cpe:2.3:a:clamav:clamav:0.80:rc4::::::
	cpe:2.3:a:clamav:clamav:0.81:::::::*
	cpe:2.3:a:clamav:clamav:0.81:rc1::::::
	cpe:2.3:a:clamav:clamav:0.82:::::::*
	cpe:2.3:a:clamav:clamav:0.83:::::::*
	cpe:2.3:a:clamav:clamav:0.84:::::::*
	cpe:2.3:a:clamav:clamav:0.84:rc1::::::
	cpe:2.3:a:clamav:clamav:0.84:rc2::::::
	cpe:2.3:a:clamav:clamav:0.85:::::::*
	cpe:2.3:a:clamav:clamav:0.85.1:::::::*
	cpe:2.3:a:clamav:clamav:0.86:::::::*
	cpe:2.3:a:clamav:clamav:0.86:rc1::::::
	cpe:2.3:a:clamav:clamav:0.86.1:::::::*
	cpe:2.3:a:clamav:clamav:0.86.2:::::::*
	cpe:2.3:a:clamav:clamav:0.87:::::::*
	cpe:2.3:a:clamav:clamav:0.87.1:::::::*

No data.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2006/May/msg00003.html
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html
http://secunia.com/advisories/19534
http://secunia.com/advisories/19536
http://secunia.com/advisories/19564
http://secunia.com/advisories/19567
http://secunia.com/advisories/19570
http://secunia.com/advisories/19608
http://secunia.com/advisories/20077
http://secunia.com/advisories/23719
http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638
http://up2date.astaro.com/2006/05/low_up2date_6202.html
http://www.debian.org/security/2006/dsa-1024
http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:067
http://www.osvdb.org/24458
http://www.securityfocus.com/bid/17388
http://www.securityfocus.com/bid/17951
http://www.trustix.org/errata/2006/0020
http://www.us-cert.gov/cas/techalerts/TA06-132A.html
http://www.vupen.com/english/advisories/2006/1258
http://www.vupen.com/english/advisories/2006/1779
https://exchange.xforce.ibmcloud.com/vulnerabilities/25661

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-06T22:00:00

Updated: 2024-08-07T17:19:48.656Z

Reserved: 2006-04-05T00:00:00

Link: CVE-2006-1615

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-04-06T22:04:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-1615

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-05T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19567", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19567"}, {"name": "17951", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17951"}, {"name": "ADV-2006-1258", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1258"}, {"name": "ADV-2006-1779", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1779"}, {"name": "TA06-132A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638"}, {"name": "24458", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24458"}, {"name": "19570", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19570"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"}, {"name": "GLSA-200604-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"}, {"name": "19608", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19608"}, {"name": "19534", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19534"}, {"name": "19564", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19564"}, {"name": "19536", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19536"}, {"name": "APPLE-SA-2006-05-11", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"}, {"name": "SUSE-SA:2006:020", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"}, {"name": "MDKSA-2006:067", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"}, {"name": "17388", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17388"}, {"name": "DSA-1024", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1024"}, {"name": "23719", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23719"}, {"name": "20077", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20077"}, {"name": "clamav-output-format-string(25661)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"}, {"name": "2006-0020", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2006/0020"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-1615", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19567", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19567"}, {"name": "17951", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17951"}, {"name": "ADV-2006-1258", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1258"}, {"name": "ADV-2006-1779", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1779"}, {"name": "TA06-132A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638"}, {"name": "24458", "refsource": "OSVDB", "url": "http://www.osvdb.org/24458"}, {"name": "19570", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19570"}, {"name": "http://up2date.astaro.com/2006/05/low_up2date_6202.html", "refsource": "CONFIRM", "url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"}, {"name": "GLSA-200604-06", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"}, {"name": "19608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19608"}, {"name": "19534", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19534"}, {"name": "19564", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19564"}, {"name": "19536", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19536"}, {"name": "APPLE-SA-2006-05-11", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"}, {"name": "SUSE-SA:2006:020", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"}, {"name": "MDKSA-2006:067", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"}, {"name": "17388", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17388"}, {"name": "DSA-1024", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1024"}, {"name": "23719", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23719"}, {"name": "20077", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20077"}, {"name": "clamav-output-format-string(25661)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"}, {"name": "2006-0020", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2006/0020"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:19:48.656Z"}, "title": "CVE Program Container", "references": [{"name": "19567", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19567"}, {"name": "17951", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17951"}, {"name": "ADV-2006-1258", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1258"}, {"name": "ADV-2006-1779", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1779"}, {"name": "TA06-132A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638"}, {"name": "24458", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/24458"}, {"name": "19570", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19570"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"}, {"name": "GLSA-200604-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"}, {"name": "19608", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19608"}, {"name": "19534", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19534"}, {"name": "19564", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19564"}, {"name": "19536", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19536"}, {"name": "APPLE-SA-2006-05-11", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"}, {"name": "SUSE-SA:2006:020", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"}, {"name": "MDKSA-2006:067", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"}, {"name": "17388", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17388"}, {"name": "DSA-1024", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1024"}, {"name": "23719", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23719"}, {"name": "20077", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20077"}, {"name": "clamav-output-format-string(25661)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"}, {"name": "2006-0020", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2006/0020"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1615", "datePublished": "2006-04-06T22:00:00", "dateReserved": "2006-04-05T00:00:00", "dateUpdated": "2024-08-07T17:19:48.656Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*", "matchCriteriaId": "902416C3-C831-4528-8BCD-FD92B44ED660", "versionEndIncluding": "0.88", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*", "matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*", "matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*", "matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*", "matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*", "matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*", "matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*", "matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*", "matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*", "matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*", "matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*", "matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*", "matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*", "matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*", "matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*", "matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*", "matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*", "matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*", "matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*", "matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*", "matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*", "matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*", "matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*", "matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*", "matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*", "matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*", "matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*", "matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*", "matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*", "matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*", "matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*", "matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*", "matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*", "matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*", "matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*", "matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*", "matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*", "matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*", "matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*", "matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*", "matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*", "matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*", "matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*", "matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*", "matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*", "matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*", "matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*", "matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278", "vulnerable": true}, {"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*", "matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."}], "id": "CVE-2006-1615", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-04-06T22:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19534"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19536"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19564"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19567"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19570"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19608"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20077"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23719"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638"}, {"source": "cve@mitre.org", "url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2006/dsa-1024"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/24458"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/17388"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/17951"}, {"source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2006/0020"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1258"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1779"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19534"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19536"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19564"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19570"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19608"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20077"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23719"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2006/dsa-1024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24458"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/17388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0020"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1258"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object