HomePentest-Tools.com Logo

ClamAV < 0.95 Multiple Vulnerabilities - Windows CVE-2009-1241CVE-2009-1270CVE-2008-6680

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

ClamAV is prone to multiple vulnerabilities.

Risk description

Multiple flaws are due to: - Error in handling specially crafted RAR files which prevents the scanning of potentially malicious files. - Inadequate sanitation of files through a crafted TAR file causes clamd and clamscan to hang. - libclamav/pe.c allows remote attackers to cause a denial of service via a crafted EXE which triggers a divide-by-zero error. Remote attackers may exploit this issue to inject malicious files into the system which can bypass the scan engine and may cause denial of service.

Recommendation

Update to version 0.95 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 8, 2009
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available