Apr 17, 2007

[Security] Clam AV CAB File Unstore Vulnerability

Clam AV, a free antivirus licensed under the GPL, is an alternative to the other antivirus applications out there. Like any other application, it is also vulnerable.

iDefense has recently reported a vulnerability in Clam AV that is triggered when scanning CAB files (either accidentally malformed or maliciously crafted). Successfully exploiting this vulnerability results in remote code execution; when the exploit fails, the application crashes. Versions 0.9x are affected.

Since there is no workaround for this vulnerability, Clam AV users are advised to upgrade to 0.90.2. Get it at the Clam AV Downloads page.
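Since the only remedy is the upgrade, the practical check for an administrator is whether the installed Clam AV is older than 0.90.2. The script below is an added example, not code from the original post or from the Clam AV project; it assumes that `clamscan --version` prints a banner beginning with `ClamAV <version>` (optionally followed by `/<database version>/<date>`), and that 0.90.2 is the first release carrying the fix, as the post states. The sample banners in the block are constructed, not captured from any real host.

```python
import re
import subprocess

# Assumption from the post: 0.90.2 is the release to upgrade to, so anything older needs the upgrade.
FIXED_VERSION = (0, 90, 2)

# Assumed banner shape of `clamscan --version`:
#   "ClamAV 0.90.1/3122/Tue Apr 17 09:00:00 2007"   (with signature database loaded)
#   "ClamAV 0.90.1"                                  (without)
# Pre-release suffixes such as "rc3" are not parsed and therefore sort as older than the final release.
_VERSION_RE = re.compile(r"ClamAV\s+(\d+)\.(\d+)(?:\.(\d+))?")


def parse_clamav_version(banner):
    """Return (major, minor, patch) from a clamscan --version banner, or None if it is not recognised."""
    match = _VERSION_RE.search(banner)
    if match is None:
        return None
    major, minor, patch = match.group(1), match.group(2), match.group(3) or "0"
    return (int(major), int(minor), int(patch))


def needs_upgrade(banner, fixed=FIXED_VERSION):
    """True when the version in the banner is older than the fixed release."""
    version = parse_clamav_version(banner)
    if version is None:
        raise ValueError("unrecognised ClamAV version banner: %r" % banner)
    return version < fixed


def check_installed():
    """Run clamscan --version on this host; returns True/False, or None if clamscan is not installed."""
    try:
        result = subprocess.run(["clamscan", "--version"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return None
    return needs_upgrade(result.stdout)


if __name__ == "__main__":
    # Constructed sample banners (not real output) to show the decision on each case.
    samples = [
        "ClamAV 0.90.1/3122/Tue Apr 17 09:00:00 2007",  # affected, older than 0.90.2
        "ClamAV 0.90.2",                                # the recommended release
        "ClamAV 0.90rc3",                               # pre-release, treated as older
    ]
    for banner in samples:
        print("%-45s -> needs upgrade: %s" % (banner, needs_upgrade(banner)))
    live = check_installed()
    if live is None:
        print("clamscan not found on this host")
    else:
        print("installed clamscan needs upgrade: %s" % live)
```

The comparison is a plain tuple comparison on (major, minor, patch), which is enough for the version strings of this era; it deliberately raises on an unparseable banner rather than silently reporting "not vulnerable", so an unexpected output format surfaces as an error instead of a false all-clear.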

NOTE: Remote code execution is dangerous because no user intervention is needed in this case. Crashing an application is considered a denial of service.

(Cross-posted from here.)
