Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200507-25] Clam AntiVirus: Integer overflows Vulnerability Scan
Vulnerability Scan Summary
Clam AntiVirus: Integer overflows
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200507-25
(Clam AntiVirus: Integer overflows)
Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is
vulnerable to integer overflows when handling the TNEF, CHM and FSG
By sending a specially-crafted file a possible hacker could execute
arbitrary code with the permissions of the user running Clam AntiVirus.
There is no known workaround at this time.
All Clam AntiVirus users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.86.2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.