A Vulnerability in Clam AntiVirus Could Allow for Remote Code Execution

A vulnerability has been discovered in Clam AntiVirus, which could allow for remote code execution. Clam AntiVirus is an open-source, cross-platform antimalware toolkit able to detect many types of malware. Successful exploitation of this vulnerability could allow an attacker to execute remote code as the Clam AntiVirus platform. Depending on the privileges associated with the application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Applications that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.

Read more... Cyber Security Advisories - MS-ISAC