HTTP: ClamAV AntiVirus CHM File Handling Denial of Service
A Denial of Service vulnerability exists in the ClamAV AntiVirus product. The vulnerability can be triggered when the application processes crafted CHM files. An unauthenticated attacker can exploit this vulnerability by delivering a crafted file to the scanning engine to cause a denial of service. In an attack case, the affected ClamAV daemon will terminate. This might allow for further exploitation of the target system, exposing the system to other threats in absence of the AntiVirus daemon.
Extended Description
ClamAV is prone to a denial-of-service vulnerability because of invalid memory access errors when processing malformed CHM files. Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. Versions prior to ClamAV 0.94 are vulnerable.
Affected Products
Red_hat fedora
Short Name
HTTP:STC:DL:CLAMAV-CHM-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AntiVirus CHM CVE-2008-1389 ClamAV Denial File Handling Service bid:30994 of
Release Date
10/13/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Apple
Gentoo
Clam_anti-virus
Mandriva
Kolab
CVSS Score
5.0