FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

clamav -- CHM Processing Denial of Service

Affected packages
clamav < 0.94
clamav-devel < 20080902


VuXML ID da5c4072-8082-11dd-9c8c-001c2514716c
Discovery 2008-07-09
Entry 2008-09-12

Hanno Boeck reports:

A fuzzing test showed weakness in the chm parser of clamav, which can possibly be exploited. The clamav team has disabled the chm module in older versions though freshclam updates and has released 0.94 with a fixed parser.


CVE Name CVE-2008-1389