The filecopy function in misc.c in Clam AntiVirus (ClamAV) prior to 0.85, on Mac OS, allows remote malicious users to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clam anti-virus clamav |