ClamAV: 0.97.5 update
This update addresses possible evasion cases in some archive formats and stability issues in portions of the bytecode engine.
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
CVE-CVE-2012-1457
allows to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size
CVE-CVE-2012-1458
allows to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file
CVE-CVE-2012-1459
allows to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry
bnc#767574
ClamAV 0.97.5 addresses possible evasion cases in some archive formats and stability issues in bytecode engine
