freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-17T10:00:00
Updated: 2018-10-18T14:57:01
Reserved: 2006-05-17T00:00:00
Link: CVE-2006-2427
JSON object: View
NVD Information
Status : Modified
Published: 2006-05-17T10:06:00.000
Modified: 2023-11-07T01:58:49.253
Link: CVE-2006-2427
JSON object: View
Redhat Information
No data.
CWE