CVE-2005-1795

ClamAV < 0.84 - Remote Code Execution via Shell Metacharacters in Filename

Title source: llm
STIX 2.1

Description

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

References (2)

Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.sentinelchicken.com/advisories/clamav
Patch, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014070

Scores

EPSS 0.0364
EPSS Percentile 88.3%

Details

CWE
CWE-20
Status published
Products (1)
clam_anti-virus/clamav < 0.84
Published May 27, 2005
Tracked Since Feb 18, 2026