Date:      Tue, 11 Nov 2008 08:01:20 -0800 (PST)
From:      Roger Marquis <marquis@roble.com>
To:        freebsd-security@freebsd.org
Subject:   Re: ports/128749: [vuxml] VBA parser vulnerability in ClamAV
Message-ID:  <20081111160120.B49F32B2089@mx5.roble.com>
In-Reply-To: <20081111120022.60DD110657DB@hub.freebsd.org>


> As was recently reported on the BugTraq list, the VBA parser in ClamAV
> contains an off-by-one overflow and can lead to arbitrary code
> execution within the clamd process.
>
> The VBA component seems to be unconditionally included in libclamav
> and OLE2 scanning is "on" by default.

FWIW, clamav-0.94.1 does not compile under 5.X without CONFIGURE_ARGS+=
--disable-gethostbyname_r.  When compiled this way it does not run (exits
after initialization with no error logging).

Though 5.X is no longer officially supported there are many sites still
running it which could benefit from a patch, assuming it would be trivial
to create such a patch.

Roger Marquis

