>> ClamAV PeSpin and Archives Processing Multiple Vulnerabilities
Title : ClamAV PeSpin and Archives Processing Multiple Vulnerabilities VUPEN ID : VUPEN/ADV-2008-1227 CVE ID : CVE-2008-0314 - CVE-2008-1387 - CVE-2008-1833 - CVE-2008-1837
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-04-15
Technical Description
Multiple vulnerabilities have been identified in ClamAV (Clam AntiVirus), which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.
The first issue is caused by a heap overflow error in "libclamav/spin.c" when processing malformed PeSpin executable files, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.
The second vulnerability is caused by an error when processing malformed ARJ archives, which could be exploited to cause an affected application to exhaust all available memory resources.
The third issue is caused by errors when processing malformed RAR archives, which could be exploited to cause an affected application to crash, creating a denial of service condition.
The fourth vulnerability is caused by a heap overflow error in "libclamav/pe.c" when processing malformed WWPack executable files, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.
