clamavSecurity update for clamavSecurity update for clamavThis update to ClamAV version 0.88.7 fixes various bugs:
CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote
attackers to cause a denial of service (crash) via a
malformed base64-encoded MIME attachment that triggers a
null pointer dereference.
CVE-2006-6481: Clam AntiVirus (ClamAV) 0.88.6 allowed
remote attackers to cause a denial of service (stack
overflow and application crash) by wrapping many layers of
multipart/mixed content around a document, a different
vulnerability than CVE-2006-5874 and CVE-2006-6406.
CVE-2006-6406: Clam AntiVirus (ClamAV) 0.88.6 allowed
remote attackers to bypass virus detection by inserting
invalid characters into base64 encoded content in a
multipart/mixed MIME file, as demonstrated with the EICAR
test file.
This update to ClamAV version 0.88.7 fixes various bugs:
CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote
attackers to cause a denial of service (crash) via a
malformed base64-encoded MIME attachment that triggers a
null pointer dereference.
CVE-2006-6481: Clam AntiVirus (ClamAV) 0.88.6 allowed
remote attackers to cause a denial of service (stack
overflow and application crash) by wrapping many layers of
multipart/mixed content around a document, a different
vulnerability than CVE-2006-5874 and CVE-2006-6406.
CVE-2006-6406: Clam AntiVirus (ClamAV) 0.88.6 allowed
remote attackers to bypass virus detection by inserting
invalid characters into base64 encoded content in a
multipart/mixed MIME file, as demonstrated with the EICAR
test file.
securityclamavi586d15774e57e80dca2c7788e0ce7d7199e4a88a7d6