Several bugs were discovered in Clam AntiVirus, the antivirus scanner
for Unix, designed for integration with mail servers to perform
attachment scanning. The following problems were identified:
CAN-2005-2450
Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is
vulnerable to integer overflows when handling the TNEF, CHM and
FSG file formats.
CVE-NOMATCH
Mark Pizzolato fixed a possible infinite loop that could cause a
denial of service.
The old stable distribution (woody) is not affected as it doesn’t contain clamav.
For the stable distribution (sarge) these problems have been fixed in
version 0.84-2.sarge.2.
For the unstable distribution (sid) these problems have been fixed in
version 0.86.2-1.
We recommend that you upgrade your clamav package.
CPE | Name | Operator | Version |
---|---|---|---|
clamav | eq | 0.84-2 | |
clamav | eq | 0.84-2.sarge.1 |