This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [Suggested description] | |
> An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor | |
> could use a properly signed copy of ClamXAV 2 (running with an | |
> injected malicious dylib) to communicate with ClamXAV 3's helper tool | |
> and perform privileged operations. This occurs because of inadequate | |
> client verification in the helper tool. | |
> | |
> ------------------------------------------ | |
> | |
> [VulnerabilityType Other] |