Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
SuSE Update for clamav SUSE-SA:2007:026
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of clamav
Insight
Insight
The AntiVirus scan engine clamav was updated to version 0.90.2. Among other bugs two security problems were fixed which could cause a remote denial of service attack against clamav or potentially be used to execute code. - CVE-2007-1745: The chm_decompress_stream function in libclamav/chmunpack.c leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file. - CVE-2007-1997: Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c might allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow. Updates for this problem were released on Tuesday April 17.
Affected Software
Affected Software
clamav on SUSE LINUX 10.1, openSUSE 10.2, SUSE SLES 9, Open Enterprise Server, Novell Linux POS 9, SUSE SLES 10
Solution
Solution
Please Install the Updated Packages.