[Pkg-clamav-devel] Bug#526042: clamav: CVE-2009-1241 malware detection bypass
Michael S. Gilbert
michael.s.gilbert at gmail.com
Tue Apr 28 19:50:41 UTC 2009
Package: clamav
Severity: important
Tags: security
Tags: fixed 0.95+dfsg-1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for clamav.
CVE-2009-1241[0]:
| Unspecified vulnerability in ClamAV before 0.95 allows remote
| attackers to bypass detection of malware via a modified RAR archive.
This is already fixed in version 0.95+dfsg-1 in unstable. Please
coordinate with the security team (team at security.debian.org) to prepare
packages for the stable releases.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1241
http://security-tracker.debian.net/tracker/CVE-2009-1241
More information about the Pkg-clamav-devel
mailing list