- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200704-21 (ClamAV: Multiple vulnerabilities)
iDefense Labs have reported a stack-based buffer overflow in the cab_unstore() function when processing negative values in .cab files.
Multiple file descriptor leaks have also been reported in chmunpack.c, pdf.c and dblock.c when processing .chm files.
Impact :
A remote attacker could send a specially crafted CHM file to the scanner, possibly resulting in the remote execution of arbitrary code with the privileges of the user running ClamAV.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top