CVE-2011-1003
- Source
- https://cve.org/CVERecord?id=CVE-2011-1003
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-1003.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2011-1003
- Downstream
- Published
- 2011-02-23T19:00:02Z
- Modified
- 2026-04-10T03:41:39.341901Z
- Summary
- [none]
- Details
-
Double free vulnerability in the vbareadprojectstrings function in vbaextract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.
- References
-
- http://secunia.com/advisories/43392
- http://secunia.com/advisories/43498
- http://secunia.com/advisories/43752
- http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007
- http://www.ubuntu.com/usn/USN-1076-1
- http://www.vupen.com/english/advisories/2011/0453
- http://www.vupen.com/english/advisories/2011/0458
- http://www.vupen.com/english/advisories/2011/0523
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486
- http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97
- http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://openwall.com/lists/oss-security/2011/02/21/1
- http://openwall.com/lists/oss-security/2011/02/21/4
- http://osvdb.org/70937
- http://securitytracker.com/id?1025100
- http://www.securityfocus.com/bid/46470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65544