Mandriva Update For Clamav MDKSA-2007:098 (clamav) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c. This update provides ClamAV 0.90.2 which corrects these problems and provides new functionality.

Affected

clamav on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-1745, CVE-2007-1997, CVE-2007-2029
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)
Mandrake Security Advisory MDVSA-2009:008 (qemu)
Mandrake Security Advisory MDVSA-2009:064 (imap)
Mandrake Security Advisory MDVSA-2009:166 (c-client)
Mandrake Security Advisory MDVSA-2009:014 (mplayer)

Mandriva Update for clamav MDKSA-2007:098 (clamav)

Take action and discover your vulnerabilities