TITLE: Clam AntiVirus CHM Unpacker and PE Rebuilding Vulnerabilities SECUNIA ADVISORY ID: SA22370 VERIFY ADVISORY: http://secunia.com/advisories/22370/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Clam AntiVirus (clamav) 0.x http://secunia.com/product/2538/ DESCRIPTION: Two vulnerabilities have been reported in Clam AntiVirus, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) An unspecified error in the CHM unpacker in chmunpack.c can be exploited to cause a DoS. 2) An unspecified error in rebuildpe.c when rebuilding PE files after unpacking can be exploited to cause a heap-based buffer overflow. SOLUTION: Update to version 0.88.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://sourceforge.net/project/shownotes.php?release_id=455799
Once again :(( But this time i didn't see any public exploit nor PoC. Arches team, please test clamav-0.88.5 & mark stable if appropriate, thanks.
Works fine on my x86 box. Marked stable.
ppc64 stable
Stable on the only real 64 bit architorture.
ppc stable
Stable on hppa. Sorry for the delay. Got my machine back running.
thanks killerfox
Stable on Alpha + ia64.
amd64 team ? we're late regarding the policy and the severity of this vulnerability.
stable on amd64.
Thanks Patrick
GLSA 200610-10