Vulnerability Details: - Race Condition Vulnerability: - Description: ClamAV uses its own function to generate a temporary file name which may be subject to a race condition attack. - Function Code: - Issue: The function can be exploited by guessing the generated file name and creating it between the and calls. - Fix Suggestion: Use the option for . - Base64-UUencoded Files Scanner Bypass: - Description: ClamAV does not properly handle and recognize Base64-UUencoded files, allowing attackers to bypass scanning through the use of such file formats. - Impact: Malicious content inside a Base64-UUencoded file can be executed without being detected by the scanner. - Insecure File Handling in Sigtool: - Description: The Sigtool utility included with ClamAV fails to handle files securely when converting UTF-16 encoded files to ASCII. - Issue: If a malicious user specifies an existing file name with extension for conversion, it could be overwritten due to insecure file open modes. - Source Code Snippet: Affected Program and Versions: ClamAV version 0.92 is affected. Risk Level: Medium CVE and Author Information: - CVE ID: CVE-2007-6595 and CVE-2007-6596 - Authors: Lolek and Roflek Additional Notes: - Links to raw code or specific documentation references like "Numerical Recipes in C: The Art of Scientific Computing" for discussing random number generation flaws are also provided. This is necessary information for security experts to assess and mitigate the vulnerabilities in ClamAV.