Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper tool and perform privileged operations. This occurs because of inadequate client verification in the helper tool.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ClamXAV 数据伪造问题漏洞
Vulnerability Description
ClamXAV是英国clamxav的Mac os平台上的一款非常给力的Mac杀毒软件。ClamXav for Mac不仅能对恶意软件进行扫描,而且能针对你的Mac进行实时病毒查杀,它采用了非常流行ClamAV的开源杀毒引擎作为后端,并具有检测Windows和Mac威胁的能力。 ClamXAV 3 3.1.1之前版本存在安全漏洞,该漏洞源于辅助工具中的客户端验证不充分。攻击者可利用该漏洞使用正确签名的ClamXAV 2副本(使用注入的恶意dylib运行)与ClamXAV 3的帮助工具通信并执行特权操作。
CVSS Information
N/A
Vulnerability Type
N/A