ClamAV versions 0.91.2 et ant\u00e9rieures.
","content":"## Description\n\nDes vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les modules ClamAV de\ntraitement des archives au format MEW et bzip2. Un utilisateur\nmalintentionn\u00e9 peut, par le biais d'un fichier compress\u00e9, ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nMettre \u00e0 jour ClamAV en version 0.92 (cf. section Documentation).\n","cves":[{"name":"CVE-2007-6336","url":"https://www.cve.org/CVERecord?id=CVE-2007-6336"},{"name":"CVE-2007-6337","url":"https://www.cve.org/CVERecord?id=CVE-2007-6337"},{"name":"CVE-2007-5759","url":"https://www.cve.org/CVERecord?id=CVE-2007-5759"},{"name":"CVE-2007-6335","url":"https://www.cve.org/CVERecord?id=CVE-2007-6335"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Debian DSA-1535-1 du 19 d\u00e9cembre 2007 :","url":"http://www.debian.org/security/2007/dsa-1435"},{"title":"Version 0.92 de ClamAV :","url":"http://www.clamav.net/download/sources/"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo 200712-20 du 29 d\u00e9cembre 2007 :","url":"http://www.gentoo.org/security/en/glsa-200712-20.xml"}],"reference":"CERTA-2007-AVI-552","revisions":[{"description":"version initiale ;","revision_date":"2007-12-19T00:00:00.000000"},{"description":"Ajout des r\u00e9f\u00e9rences CVE et des bulletins de s\u00e9curit\u00e9 de Gentoo et Debian.","revision_date":"2007-12-31T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Des vuln\u00e9rabilit\u00e9s dans ClamAV permettent\nl'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans ClamAV","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 iDefense 634 du 18 d\u00e9cembre 2007","url":"http://www.idefense.com/ntelligence/vulnerabilities/display.php?id=634"}]}