[Secure-testing-team] Bug#505134: clamav: ClamAV get_unicode_name() off-by-one buffer overflow
Stefan Fritsch
sf at sfritsch.de
Sun Nov 9 18:54:51 UTC 2008
Package: clamav
Version: 0.90.1-1
Severity: grave
Tags: security
Justification: user security hole
A vulnerability has been reported for clamav. There does not seem to be a CVE id
yet. From http://seclists.org/bugtraq/2008/Nov/0070.html:
ClamAV contains an off-by-one heap overflow vulnerability in the
code responsible for parsing VBA project files. Successful
exploitation could allow an attacker to execute arbitrary code with
the privileges of the `clamd' process by sending an email with a
prepared attachment.
Vulnerable packages:
All versions up to 0.94 are vulnerable.
Version 0.94.1 fixes the problem.
More information about the Secure-testing-team
mailing list