ClamAV Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 3 Dec 2010 5701 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in ClamAV, which could be exploited by attackers or malware to cause a denial of service or execute arbitrary code.

1. The errors in the "libclamav/pdf.c" file, which could be exploited to crash an affected application.

2. An off-by-one error in "libclamav/pe_icons.c", which could be exploited to crash an affected application or execute arbitrary code.

3. The use of uninitialized values within libclamav, which could be exploited to cause a denial of service or potentially execute arbitrary code.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • ClamAV version 0.96.4 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

AWStats Remote Code Execution and Directory Traversal Vulnerabilities

2 Dec 2010 5832 Views

Next

ProFTPD HELP Command Injection Backdoor

3 Dec 2010 6024 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY