Clam AntiVirus ClamAV prior to 0.90 does not close open file descriptors under certain conditions, which allows remote malicious users to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clamav clamav |
||
apple mac os x server |
||
debian debian linux 3.1 |