clamav -- multiple vulnerabilities

2007-04-18T00:00:00
ID 903654BD-1927-11DC-B8A0-02E0185F8D72
Type freebsd
Reporter FreeBSD
Modified 2007-04-18T00:00:00

Description

Clamav had been found vulnerable to multiple vulnerabilities:

Improper checking for the end of an buffer causing an unspecified attack vector. Insecure temporary file handling, which could be exploited to read sensitive information. A flaw in the parser engine which could allow a remote attacker to bypass the scanning of RAR files. A flaw in libclamav/unrar.c which could cause a remote Denial of Service (DoS) by sending a specially crafted RAR file with a modified vm_codesize. A flaw in the OLE2 parser which could cause a remote Denial of Service (DoS).