CVE-2007-6336
EPSS 9.9%
Description
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
How to fix CVE-2007-6336
To remediate CVE-2007-6336, upgrade the affected package to a fixed version below.
- Debian/clamav—upgrade to 0.92~dfsg-1~volatile2 or later
Is CVE-2007-6336 being exploited?
Moderate — EPSS is 9.9%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 0.92~dfsg-1~volatile2