CVE-2005-1795

Published: May 27, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

Affected (1)

Products: Clam Anti Virus: Clamav

Clam Anti Virus

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Clam Anti Virus Clamav	Up to 0.84

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://securitytracker.com/id?1014070

Source: cve@mitre.org

PatchVendor Advisory

http://www.sentinelchicken.com/advisories/clamav

Source: cve@mitre.org

ExploitVendor Advisory

http://securitytracker.com/id?1014070

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.sentinelchicken.com/advisories/clamav

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.