A double free error was found in the way Clam AntiVirus
anti-virus toolkit processed certain project strings by
extracting Visual Basic for Applications (VBA) source code
for MS Office documents. A remote attacker could provide
a MS Office document, with embedded specially-crafted VBA
source code and trick the local user into checking the document
in the Clam AntiVirus toolkit, leading to clamscan executable
crash or, potentially, arbitrary code execution with the privileges
of the user running the tool.
Upstream bug report:
This issue affects the versions of the clamav package, as shipped
with Fedora release of 13 and 14.
This issue affects the version of the clamav package, as present
within EPEL-4 repository.
Please schedule the updates.
This issue does NOT affect the versions of the clamav package,
as present within EPEL-5 and EPEL-6 repositories. Relevant
clamav-0.97-2.el5 and clamav-0.97-2.el6 already contain a fix
for this issue.
Created clamav tracking bugs for this issue
Affects: epel-4 [bug 679793]
Affects: fedora-all [bug 679794]
They should be pushed to stable, or will be soon. Please reopen if bug still exists.