Users of ClamAV please be advised of an integer-overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
USN-986-2: [USN-986-2] ClamAV integer-overflow vulnerability
advisory details:
An integer overflow was discovered in bzip2. If a user or automated system
were tricked into decompressing a crafted bz2 file, an attacker could cause
bzip2 or any application linked against libbz2 to crash or possibly execute
code as the user running the program.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/ahSFgm
No comments:
Post a Comment