Test ID:	1.3.6.1.4.1.25623.1.0.103083
Category:	General
Title:	ClamAV < 0.97 'vba_read_project_strings()' Double Free Memory Corruption Vulnerability
Summary:	ClamAV is prone to a double-free memory-corruption; vulnerability.
Description:	Summary: ClamAV is prone to a double-free memory-corruption vulnerability. Vulnerability Impact: An attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible. This has not been confirmed. Affected Software/OS: ClamAV prior to version 0.97. Solution: Updates are available. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1003 1025100 http://securitytracker.com/id?1025100 43392 http://secunia.com/advisories/43392 43498 http://secunia.com/advisories/43498 43752 http://secunia.com/advisories/43752 46470 http://www.securityfocus.com/bid/46470 70937 http://osvdb.org/70937 ADV-2011-0453 http://www.vupen.com/english/advisories/2011/0453 ADV-2011-0458 http://www.vupen.com/english/advisories/2011/0458 ADV-2011-0523 http://www.vupen.com/english/advisories/2011/0523 FEDORA-2011-2741 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html FEDORA-2011-2743 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html MDVA-2011:007 http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007 SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1076-1 http://www.ubuntu.com/usn/USN-1076-1 [oss-security] 20110221 Re: clamav 0.97 http://openwall.com/lists/oss-security/2011/02/21/4 [oss-security] 20110221 clamav 0.97 http://openwall.com/lists/oss-security/2011/02/21/1 clamav-vbareadprojectstrings-dos(65544) https://exchange.xforce.ibmcloud.com/vulnerabilities/65544 http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97 http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.