icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ClamAV < 0.96.5 Multiple Vulnerabilities

High

Synopsis

The remote host is running an anti-virus application that is vulnerable to multiple attack vectors.

Description

Versions of ClamAV earlier than 0.96.5 are potentially affected by multiple vulnerabilities :

- Multiple error exists in the PDF processing functions in 'libclamav/pdf.c' which may lead to application crashes. (Bugs 2358, 2380, 2396)

- An off-by-one error exists in the handling of icons such that a crafted icon may be used to cause an integer overflow. (Bug 2344)

Solution

Upgrade to ClamAV 0.96.5 or later.