Jump to content

Advisories MDVSA-2010:249: clamav


paul
 Share

Recommended Posts

Multiple vulnerabilities were discovered and corrected in clamav:

 

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV

before 0.96.5 allow remote attackers to cause a denial of service

(application crash) or possibly execute arbitrary code via a crafted

PDF document (CVE-2010-4260, (CVE-2010-4479).

 

Off-by-one error in the icon_cb function in pe_icons.c in libclamav

in ClamAV before 0.96.5 allows remote attackers to cause a denial of

service (memory corruption and application crash) or possibly execute

arbitrary code via unspecified vectors. NOTE: some of these details

are obtained from third party information (CVE-2010-4261).

 

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated clamav packages have been upgraded to the 0.96.5 version

that is not vulnerable to these issues.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...