Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability

Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability

Solution:
The vendor has released ClamAV version 0.70 to address this issue.

Gentoo has released an advisory GLSA 200405-03 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems:

emerge sync
emerge -pv ">=net-mail/clamav-0.70"
emerge ">=net-mail/clamav-0.70"

Clam Anti-Virus ClamAV 0.51

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.52

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.53

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.54

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.60

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.65

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.67

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.68 -1

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753

Clam Anti-Virus ClamAV 0.68

Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753