Red Hat Bugzilla – Bug 580468
CVE-2010-1311 Clam AntiVirus (prior to v0.96): Memory corruption by scanning Quantum-compressed file(s)
Last modified: 2015-07-31 02:26:07 EDT
Török Edwin reported: [1] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771 a deficiency in the way Clam AntiVirus decompressed certain Quantum-compressed files. An attacker could use this flaw to cause a denial of service (clamscan crash) or, potentially execute arbitrary code, with the privileges of the user running clamscan. Upstream bug report: [2] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771 Upstream patch: [3] http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=224fee54dd6cd8933d7007331ec2bfca0398d4b4 References: [4] http://secunia.com/advisories/39329/ CVE Request: [5] http://www.openwall.com/lists/oss-security/2010/04/06/4
This issue affects the versions of the clamav package, as shipped with Fedora release of 11 and 12. This issue affects the versions of the clamav package, as present in EPEL-4 and EPEL-5 repositories. Please fix.
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-1311 to this vulnerability: The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 [2] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96 [3] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771 [4] http://www.securityfocus.com/bid/39262 [5] http://secunia.com/advisories/39329