ClamAV BZ_GET_FAST Bzip2 Decompression Vulnerability

ClamAV is prone to a vulnerability due to a flaw in its Bzip2 decompression support.

Successful exploits of this vulnerability may potentially allow remote attackers to execute arbitrary code in the context of the vulnerable application or to trigger denial-of-service conditions. These effects have not been confirmed.

No further technical details are currently available. We will update this BID as more information emerges.

ClamAV 0.91.2 is vulnerable to this issue; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus