Referenced CVEs:
CVE-2008-5050
Description:
===========================================================Ubuntu Security Notice USN-672-1 November 17, 2008clamav vulnerabilityCVE-2008-5050===========================================================A security issue affects the following Ubuntu releases:Ubuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 8.10: libclamav5 0.94.dfsg.1-1ubuntu0.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Moritz Jodeit discovered that ClamAV did not correctly handle certainstrings when examining a VBA project. If a remote attacker tricked ClamAVinto processing a malicious VBA file, ClamAV would crash, leading to adenial of service.
More...
