|
|
Subscribe / Log in / New account

clamav: multiple vulnerabilities

Package(s):clamav CVE #(s):CVE-2008-6680 CVE-2009-1270
Created:April 16, 2009 Updated:December 8, 2009
Description: Clamav has three vulnerabilities, from the Debian alert:

CVE-2008-6680 Attackers can cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

CVE-2009-1270 Attackers can cause a denial of service (infinite loop) via a crafted tar file that causes (1) clamd and (2) clamscan to hang.

(no CVE Id yet) Attackers can cause a denial of service (crash) via a crafted EXE file that crashes the UPack unpacker.

Alerts:
Mandriva MDVSA-2009:327 clamav 2009-12-08
Gentoo 200909-04 clamav 2009-09-09
Mandriva MDVSA-2009:097 clamav 2009-04-24
Debian DSA-1771-1 clamav 2009-04-15
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds