Search for vulnerabilities
Vulnerability details: VCID-khbz-r1sf-aaaf
Vulnerability ID VCID-khbz-r1sf-aaaf
Aliases CVE-2007-1745
Summary The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
Status Published
Exploitability 0.5
Weighted Severity 6.4
Risk 3.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01822 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.01883 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02129 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02129 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02129 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02129 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.02143 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
epss 0.03435 https://api.first.org/data/v1/epss?cve=CVE-2007-1745
cvssv2 7.1 https://nvd.nist.gov/vuln/detail/CVE-2007-1745
Reference id Reference type URL
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://osvdb.org/34913
https://api.first.org/data/v1/epss?cve=CVE-2007-1745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1745
http://secunia.com/advisories/24891
http://secunia.com/advisories/24920
http://secunia.com/advisories/24946
http://secunia.com/advisories/24996
http://secunia.com/advisories/25022
http://secunia.com/advisories/25028
http://secunia.com/advisories/25189
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200704-21.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/33636
http://sourceforge.net/project/shownotes.php?release_id=500765
http://support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.html
http://www.debian.org/security/2007/dsa-1281
http://www.mandriva.com/security/advisories?name=MDKSA-2007:098
http://www.novell.com/linux/security/advisories/2007_26_clamav.html
http://www.securityfocus.com/bid/23473
http://www.trustix.org/errata/2007/0013/
http://www.vupen.com/english/advisories/2007/1378
http://www.vupen.com/english/advisories/2008/0924/references
cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
cpe:2.3:a:ifenslave:ifenslave:0.88:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ifenslave:ifenslave:0.88:*:*:*:*:*:*:*
CVE-2007-1745 https://nvd.nist.gov/vuln/detail/CVE-2007-1745
GLSA-200704-21 https://security.gentoo.org/glsa/200704-21
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2007-1745
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.71737
EPSS Score 0.01822
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.