ClamAV < 0.97 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5796
SynopsisThe remote host is running an anti-virus application that is vulnerable to multiple attack vectors.
DescriptionVersions of ClamAV earlier than 0.97 are potentially affected by multiple vulnerabilities :
- As-yet unspecified double-free issue involving an error path exists in 'libclamav/vba_extract.c' and 'shared/cdiff.c'. (Bug 2486 and report from <mt*debian.org>)
,br. - 'libclamav/pdf.c' may miss detection. (Bug 2455)
- Multiple as-yet unspecified error path leaks exist in 'clamav-milter/whitelist.c', 'clamscan/manager.c' and 'libclamav/sis.c'. (Report from <mt*debian.org>)
SolutionUpgrade to ClamAV 0.97 or later.