Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.99.2 Multiple Vulnerabilities

Medium

Synopsis

The remote host is running a version of ClamAV that is affected by multiple attack vectors.

Description

Versions of ClamAV prior to 0.99.2 are affected by multiple vulnerabilities :

- Multiple flaws exists in 'libclamav' that are triggered during the handling of specially crafted 7z files. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1371) - A flaw exists in 'libclamav' that is triggered during the handling of a specially crafted mew packer executable. This may allow a context-dependent attacker to crash a process linked against the library. (CVE-2016-1372)

Solution

Upgrade to ClamAV 0.99.2 or later.