Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.94 Multiple Vulnerabilities (deprecated)



The remote antivirus service is affected by multiple issues.


According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues :

- A segmentation fault can occur when processing corrupted LZH files. (Bug #1052)

- Invalid memory access errors in 'libclamav/chmunpack.c' when processing malformed CHM files may lead to a crash. (Bug #1089)

- An out-of-memory null dereference issue exists in 'libclamav/message.c' / 'libclamav/mbox.c'. (Bug #1141)

- Possible error path memory leaks exist in 'freshclam/manager.c'. (Bug #1141)

- There is an invalid close on error path in 'shared/tar.c'. (Bug #1141)

- There are multiple file descriptor leaks involving the 'error path' in 'libclamav/others.c' and 'libclamav/sis.c'. (Bug #1141).


Upgrade to version 0.94 or higher.