ClamAV (Clam AntiVirus) is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A command execution vulnerability exists in ClamAV versions prior to 1.3.0, which stems from insecure handling of filenames, and can be exploited by a local attacker to inject arbitrary commands with the privileges of an application service account.