The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) prior to 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ifenslave ifenslave 0.88 |
||
clam anti-virus clamav |