Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 3 Dec 2010 15:32:26 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: Re: clamav 0.96.5 released

Am Friday 03 December 2010 schrieb Thomas Biege:
> JFYI, maybe CVE-IDs are needed...

http://secunia.com/advisories/42426/

Seems like two security issues:

"1) Multiple errors within the processing of PDF files can be exploited to 
e.g. cause a crash.

2) An off-by-one error within the "icon_cb()" function can be exploited to 
cause a memory corruption."

-- 
Hanno Böck		Blog:		http://www.hboeck.de/
GPG: 3DBD3B20		Jabber/Mail:	hanno@...eck.de

http://schokokeks.org - professional webhosting

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ