FreeBSD : clamav -- multiple vulnerabilities (903654bd-1927-11dc-b8a0-02e0185f8d72)
Critical Nessus Plugin ID 25560
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionClamav had been found vulnerable to multiple vulnerabilities :
- Improper checking for the end of an buffer causing an unspecified attack vector.
- Insecure temporary file handling, which could be exploited to read sensitive information.
- A flaw in the parser engine which could allow a remote attacker to bypass the scanning of RAR files.
- A flaw in libclamav/unrar.c which could cause a remote Denial of Service (DoS) by sending a specially crafted RAR file with a modified vm_codesize.
- A flaw in the OLE2 parser which could cause a remote Denial of Service (DoS).
SolutionUpdate the affected package.