ClamAVcli_url_canon()" Buffer Overflow and UPack DoS Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5311 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in ClamAV, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.

1. A buffer overflow error in the "cli_url_canon()" [libclamav/phishcheck.c] function when processing specially crafted URLs, which could be exploited by attackers to compromise a vulnerable system.

2. An error when processing malformed files packed with UPack, which could be exploited by attackers or malware to crash an affected application.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • ClamAV versions prior to 0.95.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

  • No CVE information is available

Source

Share with

Previous

HPOpenView Performance Agent DynaZip Buffer Overflow Vulnerability

14 Apr 2009 5490 Views

Next

Microsoft Office Excel Multiple Memory Corruption Vulnerabilities( 15 April 2009 )

15 Apr 2009 5023 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY