Bugs found in open-source antivirus tool

By Joris Evers
Staff Writer, CNET News

Two serious security vulnerabilities have been identified in Clam AntiVirus, a popular open-source antivirus application. The flaws could be exploited by remote attackers to run malicious software or cause crashes on computers that run the application, according to an advisory from the French Security Incident Response Team, or FrSIRT, which tags the issue "critical."

The vulnerabilities exist in Clam AntiVirus version 0.86.2 and earlier, according to FrSIRT. Clam AntiVirus has been updated to fix the problem, according to the project's Web site. An updated version of ClamWin, the free antivirus application for Windows based on Clam AntiVirus, is also available, according to the ClamWin site.

See more CNET content tagged:
open source, security

Latest tech news headlines

Smart-grid spending to hit $200 billion by 2015
Posted in Green Tech by Lance Whitney

December 28, 2009 7:15 AM PST
China introduces law to boost renewable energy
Posted in Green Tech by Reuters

December 28, 2009 6:41 AM PST
Mozilla pushes back Firefox 3.6, 4.0 deadlines
Posted in Deep Tech by Stephen Shankland

December 28, 2009 6:27 AM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Dow Jones Industrials (0.08%) 8.54 10,528.64; S&P 500 (0.01%) 0.10 1,126.58; NASDAQ (0.20%) 4.51 2,290.20; CNET TECH (0.17%) 2.86 1,660.78

Inside CNET News

Scroll Left Scroll Right

Deep Tech
Mozilla pushes back Firefox 3.6, 4.0 deadlines
The newest version of the open-source browser won't arrive this year, and a major update might not arrive until 2011. But there are plenty of features coming.
Gallery
A real-world test of Google Goggles visual search (photos)
The Open Road
Canonical shines its Ubuntu light on consumers
Ubuntu has won rave reviews with the geeky Linux community, but can it make waves with average consumers? Its founder is betting the answer is yes.
Beyond Binary
Visual Studio launch delayed by 'a few weeks'
Microsoft says it's still working to resolve some performance issues related to the Visual Studio 2010 developer tool suite, which was slated for a March release.
Video
Behind the scenes of CBS's NFL coverage
Technically Incorrect
Escaped convict continues to update Facebook
Craig "Lazie" Lynch has been on the run from a U.K. prison since September. However, he continues to taunt police by updating his Facebook status. Now he is threatening to quit.
Video
Deep-sea volcanic explosion--part 2 (video)
The Social
Facebook COO nominated to Disney board
Sheryl Sandberg, who has been chief operating officer of the social network for nearly two years now, will join the board if shareholders approve in March.
The Space Shot
Soyuz craft docks, boosts space station crew
A Russian Soyuz spacecraft docked with the International Space Station Tuesday after a smooth, automated approach, boosting the lab's crew back up to five.
Gallery
Top-rated reviews of the week (photos)
The 404 Podcast
The 404 Yuletide Mini-sode: Where The 404 is the Fifth Element
Welcome back to another Yultide Mini-sode of CNET's The 404 Podcast. We'll be keeping you company with fresh episodes, year-end wrap-ups, CES previews, and much more!
Green Tech
Smart-grid spending to hit $200 billion by 2015
Technologies to automate and upgrade the grid will capture most of the $200 billion invested in modernizing electrical power systems, says Pike Research.