Arbitrary Code Execution Vulnerability in Clam AntiVirus (ClamAV) on Mac OS

Arbitrary Code Execution Vulnerability in Clam AntiVirus (ClamAV) on Mac OS

CVE-2005-1795 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

Learn more about our Web Application Penetration Testing UK.