Vulnerability Database

CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

  • Published: Aug 23, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4510
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software                    From       Fixed in
kolab / kolab_server        2.0.2      2.0.2.x
kolab / kolab_server        2.0        2.0.x
kolab / kolab_server        2.0.1      2.0.1.x
kolab / kolab_server        2.0.4      2.0.4.x
kolab / kolab_server        2.2beta1   2.2beta1.x
clam_anti-virus / clamav    -          0.91.2.x
kolab / kolab_server        2.1        2.1.x
kolab / kolab_server        2.0.3      2.0.3.x