Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.

...

ClamAV < 0.97.8 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon on the remote host is earlier than 0.97.8 and is, therefore, potentially affected by the following vulnerabilities : - An overflow condition exists in the 'getsisstring' function in 'libclamav/sis.c' when handling SIS content. This flaw...