FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

clamav -- multiple remote buffer overflows

Affected packages
clamav < 0.86.2
clamav-devel <= 20050704

Details

VuXML ID 1db7ecf5-fd24-11d9-b4d6-0007e900f87b
Discovery 2005-07-24
Entry 2005-07-25

A Secunia Advisory reports:

Neel Mehta and Alex Wheeler have reported some vulnerabilities in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

  1. Two integer overflow errors in "libclamav/tnef.c" when processing TNEF files can be exploited to cause a heap-based buffer overflow via a specially crafted TNEF file with a length value of -1 in the header.
  2. An integer overflow error in "libclamav/chmunpack.c" can be exploited to cause a heap-based buffer overflow via a specially crafted CHM file with a chunk entry that has a filename length of -1.
  3. A boundary error in "libclamav/fsg.c" when processing a FSG compressed file can cause a heap-based buffer overflow.
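
The bounds check whose absence lets a header length of -1 corrupt the heap, shown as an added C example (not ClamAV's code and not part of the advisory). The record layout, the "length + 1" allocation pattern, MAX_FIELD_LEN and all function names are assumptions for illustration; the advisory does not describe the exact arithmetic.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_FIELD_LEN (1u << 20) /* assumed policy cap, not a ClamAV constant */

/* Size a naive parser would request for "length + 1" bytes (room for a NUL).
 * A header length of -1 is 0xFFFFFFFF, so the 32-bit sum wraps to 0. */
static uint32_t naive_alloc_size(uint32_t hdr_len) { return hdr_len + 1u; }

/* Read the 32-bit little-endian length field of the (hypothetical) record. */
static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hardened reader: returns a NUL-terminated copy of the field, or NULL when
 * the declared length is implausible or exceeds the bytes actually present. */
static char *read_field_checked(const unsigned char *buf, size_t buf_len,
                                size_t *out_len)
{
    if (buf_len < 4) return NULL;                 /* no room for the header */
    uint32_t len = read_le32(buf);                /* unsigned: -1 is huge   */
    if (len > MAX_FIELD_LEN || len > buf_len - 4) return NULL;
    char *out = malloc((size_t)len + 1);          /* widened before the +1  */
    if (!out) return NULL;
    memcpy(out, buf + 4, len);
    out[len] = '\0';
    *out_len = len;
    return out;
}

/* Constructed sample records: valid, length -1, and truncated payload. */
static const unsigned char SAMPLE_OK[]    = { 5, 0, 0, 0, 'h', 'e', 'l', 'l', 'o' };
static const unsigned char SAMPLE_NEG1[]  = { 0xFF, 0xFF, 0xFF, 0xFF, 'x' };
static const unsigned char SAMPLE_TRUNC[] = { 9, 0, 0, 0, 'a', 'b' };

int main(void)
{
    size_t n = 0;
    char *s = read_field_checked(SAMPLE_OK, sizeof SAMPLE_OK, &n);
    printf("valid record  -> %s\n", s ? s : "(rejected)");
    printf("naive size for length -1 -> %u bytes\n", (unsigned)naive_alloc_size(0xFFFFFFFFu));
    printf("length -1 rejected: %d\n", read_field_checked(SAMPLE_NEG1, sizeof SAMPLE_NEG1, &n) == NULL);
    free(s);
    return 0;
}
```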

References

URL http://secunia.com/advisories/16180/
URL http://www.rem0te.com/public/images/clamav.pdf