ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service Vulnerability

ClamAV is prone to a denial-of-service vulnerability because of invalid memory access errors when processing malformed CHM files.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to ClamAV 0.94 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus