ClamAV Scanning Bypass and Memory Corruption Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 8 Apr 2010 5452 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in ClamAV, which can be exploited by malicious people to bypass the scanning functionality or potentially compromise a vulnerable system.

1. Due to an error when processing archives can be exploited to bypass the anti-virus scanning functionality via specially crafted CAB files.

2. Due to an error exists within the "qtm_decompress()" function in libclamav/mspack.c. This can be exploited to cause a memory corruption when a specially crafted Quantum-compressed file is scanned.

Impact

  • Remote Code Execution

System / Technologies affected

  • Clam AntiVirus (clamav) 0.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Foxit Reader Embedded Executable Code Injection Vulnerability

7 Apr 2010 5240 Views

Next

VMware Products Multiple Vulnerabilities

12 Apr 2010 5275 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY