USN-1076-1: ClamAV vulnerability
28 February 2011
- clamav -
It was discovered that the Microsoft Office processing code in libclamav
improperly handled certain Visual Basic for Applications (VBA) data. This
could allow a remote attacker to craft a document that could crash clamav
or possibly execute arbitrary code.
In the default installation, attackers would be isolated by the
ClamAV AppArmor profile.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.