Full Disclosure mailing list archives
[PLSA 2008-71] clamAV: off-by-one buffer overflow
From: Pınar Yanardağ <pinar () pardus org tr>
Date: Fri, 14 Nov 2008 10:21:19 +0200
------------------------------------------------------------------------ Pardus Linux Security Advisory 2008-71 security () pardus org tr ------------------------------------------------------------------------ Date: 2008-11-14 Severity: 2 Type: Remote ------------------------------------------------------------------------ Summary ======= ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Description =========== Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the `clamd' process by sending an email with a prepared attachment. The vulnerability occurs inside the get_unicode_name() function in libclamav/vba_extract.c when a specific `name' buffer is passed to it. Affected packages: Pardus 2008: clamav, all before 0.93.3-29-3 Resolution ========== There are update(s) for clamav. You can update them via Package Manager or with a single command from console: pisi up clamav References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=8627 * http://marc.info/?l=bugtraq&m=122624716807236&w=4 ------------------------------------------------------------------------ -- Pardus Security Team http://security.pardus.org.tr _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [PLSA 2008-71] clamAV: off-by-one buffer overflow Pınar Yanardağ (Nov 14)