Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mandriva Update for clamav MDVSA-2010:082 (clamav)

Information

Severity

Severity

Critical

Family

Family

Mandrake Local Security Checks

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

6 years ago

Summary

Check for the Version of clamav

Insight

Insight

Multiple vulnerabilities has been found and corrected in clamav: ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities (CVE-2010-0098). The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information (CVE-2010-1311). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides clamav 0.96, which is not vulnerable to these issues.

Affected Software

Affected Software

clamav on Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Solution

Solution

Please Install the Updated Packages.

Common Vulnerabilities and Exposures (CVE)