Jump to content
Sign in to follow this  
paul

Advisories MDVSA-2010:249: clamav

Recommended Posts

Multiple vulnerabilities were discovered and corrected in clamav:

 

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV

before 0.96.5 allow remote attackers to cause a denial of service

(application crash) or possibly execute arbitrary code via a crafted

PDF document (CVE-2010-4260, (CVE-2010-4479).

 

Off-by-one error in the icon_cb function in pe_icons.c in libclamav

in ClamAV before 0.96.5 allows remote attackers to cause a denial of

service (memory corruption and application crash) or possibly execute

arbitrary code via unspecified vectors. NOTE: some of these details

are obtained from third party information (CVE-2010-4261).

 

Packages for 2009.0 are provided as of the Extended Maintenance

Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated clamav packages have been upgraded to the 0.96.5 version

that is not vulnerable to these issues.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...