Red Hat Bugzilla – Bug 442743
CVE-2008-1835 clamav: scanning engine bypass via crafted RAR file
Last modified: 2008-04-16 11:42:17 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1835 to the following vulnerability:
ClamAV before 0.93 allows remote attackers to bypass the scanning
enging via a RAR file with an invalid version number, which cannot be
parsed by ClamAV but can be extracted by Winrar.
UnRAR code is no longer shipped in Fedora packages due to a legal reasons.