ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clam anti-virus clamav 0.92 |