RSS   Vulnerabilities for 'Clamxav'   RSS

2020-10-16
 
CVE-2020-26893

CWE-345
 

 
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client verification in the helper tool.

 


Copyright 2024, cxsecurity.com

 

Back to Top