ClamAV Security Bypass And Memory Corruption Vulnerabilities (Win) Network Vulnerability

Summary

This host has ClamAV installed, and is prone to security bypass and memory corruption vulnerabilities.

Impact

Successful exploitation will allow attackers to bypass certain security restrictions. Impact Level: System/Application

Solution

Upgrade to ClamAV 0.96 or later, For updates refer to http://www.clamav.net

Insight

The flaws are due to: - An error in handling of 'CAB' and '7z' file formats, which allows to bypass virus detection via a crafted archive that is compatible with standard archive utilities. - An error in 'qtm_decompress' function in 'libclamav/mspack.c', which allows to crash application via a crafted CAB archive that uses the Quantum.

Affected

ClamAV version before 0.96 (1.0.26) on Windows.

References

http://en.securitylab.ru/nvd/392749.php
http://secunia.com/advisories/39329

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-0098, CVE-2010-1311

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Mac OS X)
Adobe Flash Media Server Multiple Remote Security Vulnerabilities
Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)

Take action and discover your vulnerabilities