Solution
Please Install the Updated Packages.
Insight
iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c.
This update provides ClamAV 0.90.2 which corrects these problems and provides new functionality.
Affected
clamav on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64
Severity
Classification
-
CVE CVE-2007-1745, CVE-2007-1997, CVE-2007-2029 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities