Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210973 Summary: clamav < 0.88.5 CHM and PE vulnerabilities Product: Fedora Extras Version: fc5 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: clamav AssignedTo: enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx ReportedBy: ville.skytta@xxxxxx QAContact: extras-qa@xxxxxxxxxxxxxxxxx CC: extras-qa@xxxxxxxxxxxxxxxxx,fedora-security- list@xxxxxxxxxx (Apparently no CVE id available yet) http://www.vuxml.org/freebsd/8012a79d-5d21-11db-bb8d-00123ffe8333.html Secunia reports: Two vulnerabilities have been reported in Clam AntiVirus, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. 1) An unspecified error in the CHM unpacker in chmunpack.c can be exploited to cause a DoS. 2) An unspecified error in rebuildpe.c when rebuilding PE files after unpacking can be exploited to cause a heap-based buffer overflow. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
