ClamAV < 0.99.2 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 9793
SynopsisThe remote host is running a version of ClamAV that is affected by multiple attack vectors.
DescriptionVersions of ClamAV prior to 0.99.2 are affected by multiple vulnerabilities :
- Multiple flaws exists in 'libclamav' that are triggered during the handling of specially crafted 7z files. This may allow a context-dependent attacker to have an unspecified impact. (CVE-2016-1371)
- A flaw exists in 'libclamav' that is triggered during the handling of a specially crafted mew packer executable. This may allow a context-dependent attacker to crash a process linked against the library. (CVE-2016-1372)
SolutionUpgrade to ClamAV 0.99.2 or later.