The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) prior to 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clam anti-virus clamav 0.54 |
||
clam anti-virus clamav 0.60 |
||
clam anti-virus clamav 0.65 |
||
clam anti-virus clamav 0.67 |
||
clam anti-virus clamav 0.52 |
||
clam anti-virus clamav 0.53 |
||
clam anti-virus clamav 0.51 |
||
clam anti-virus clamav 0.68 |
||
clam anti-virus clamav 0.68.1 |