Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.96.5 Multiple Vulnerabilities

High

Synopsis

The remote host is running an anti-virus application that is vulnerable to multiple attack vectors.

Description

Versions of ClamAV earlier than 0.96.5 are potentially affected by multiple vulnerabilities :

- Multiple error exists in the PDF processing functions in 'libclamav/pdf.c' which may lead to application crashes. (Bugs 2358, 2380, 2396)

- An off-by-one error exists in the handling of icons such that a crafted icon may be used to cause an integer overflow. (Bug 2344)

Solution

Upgrade to ClamAV 0.96.5 or later.