Skip to main content

ClamAV Scanning Bypass and Memory Corruption Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 8 Apr 2010 5622 Views

RISK: Medium Risk

A vulnerability has been identified in ClamAV, which can be exploited by malicious people to bypass the scanning functionality or potentially compromise a vulnerable system.

1. Due to an error when processing archives can be exploited to bypass the anti-virus scanning functionality via specially crafted CAB files.

2. Due to an error exists within the "qtm_decompress()" function in libclamav/mspack.c. This can be exploited to cause a memory corruption when a specially crafted Quantum-compressed file is scanned.


Impact

  • Remote Code Execution

System / Technologies affected

  • Clam AntiVirus (clamav) 0.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link