SUSE CVE-2009-1372

Stack-based buffer overflow in the cliurlcanon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted URL...

ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞

BUGTRAQ ID: 34446 CVECAN ID: CVE-2009-1371,CVE-2009-1372 Clam AntiVirus是Unix的GPL杀毒工具包，很多邮件网关产品都在使用。 ClamAV的libclamav/phishcheck.c文件中的cliurlcanon函数存在栈溢出漏洞，远程攻击者可以通过提交恶意的URL来触发这个溢出，导致执行任意代码。 如果用户使用ClamAV扫描到了UPack编码的畸形文件的话，libclamav/others.h文件的CLIISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。 ClamAV 0.95.1 ClamAV...

ClamAV < 0.95.1 Multiple Vulnerabilities

According to its version, the clamd antivirus daemon on the remote host is earlier than 0.95.1. Such versions are affected by multiple vulnerabilities : - ClamAV might crash while scanning certain malicious files packed with UPack. Bug 1552 - ClamAV might crash while using 'cliurlcanon'. Bug 1553...