Pardus Linux Security Advisory 2008-71 -ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the 'clamd' process by sending an email with a prepared attachment.
930f71b9add142ea985cb6e2db72995a5489fb4d104b8caa4ec7c49cf5342b5f
------------------------------------------------------------------------
Pardus Linux Security Advisory 2008-71 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2008-11-14
Severity: 2
Type: Remote
------------------------------------------------------------------------
Summary
=======
ClamAV contains an off-by-one heap overflow vulnerability in the code
responsible for parsing VBA project files.
Description
===========
Successful exploitation could allow an attacker to execute arbitrary
code with the privileges of the `clamd' process by sending an email with
a prepared attachment.
The vulnerability occurs inside the get_unicode_name() function in
libclamav/vba_extract.c when a specific `name' buffer is passed to it.
Affected packages:
Pardus 2008:
clamav, all before 0.93.3-29-3
Resolution
==========
There are update(s) for clamav. You can update them via Package Manager
or with a single command from console:
pisi up clamav
References
==========
* http://bugs.pardus.org.tr/show_bug.cgi?id=8627
* http://marc.info/?l=bugtraq&m=122624716807236&w=4
------------------------------------------------------------------------
--
Pardus Security Team
http://security.pardus.org.tr