Vuln in ClamAV

I should do some more reading on this, but I am amused by the US-CERT comment at the end.

ClamAV PE Scanning Vulnerability
added April 14, 2008 at 09:21 am

US-CERT is aware of a report of a buffer overflow vulnerability affecting ClamAV. This heap-based buffer overflow vulnerability may allow an attacker to execute arbitrary code on an affected system.

US-CERT recommends that users do not scan PE files from untrusted sources.

Isn’t the whole point of running an AV product to test for viruses in untrusted files?
