CVE-2005-1795

Name of the Vulnerable Software and Affected Versions Clam AntiVirus (ClamAV) versions prior to 0.85

Description The issue allows remote attackers to execute arbitrary code via a virus in a filename containing shell metacharacters. This occurs when HFS permissions prevent the file from being deleted and ditto is invoked.

Recommendations For versions prior to 0.85, update to version 0.85 or later to resolve the issue. As a temporary workaround, consider restricting access to the filecopy function in misc.c until a patch is available. Avoid using filenames that contain shell metacharacters in the affected filecopy function until the issue is resolved.