As was recently reported in the BugTraq list, VBA parser in ClamAV is
contains the off-by-one overflow and can lead to the arbitrary code
execution within the clamd process.
VBA component seem to be unconditionally included to the libclamav
and OLE2 scanning is "on" by-default.
FWIW, clamav-0.94.1 does not compile under 5.X without CONFIGURE_ARGS+=
--disable-gethostbyname_r. When compiled this way it does not run (exits
after initialization with no error logging).
Though 5.X is no longer officially supported there are many sites still
running it which could benefit from a patch, assuming it would be trivial
to create such a patch.
Roger Marquis
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
