Yes, it is. And if a malicious file is being attached to an email for ClamAV to scan, then if a signature can be written to catch a file that may be attempting to export this vulnerability with either a logical signature or a bytecode signature, then I am sure that the ClamAV will write one to catch a file attempting to exploit the vulnerability.
That was not the impression of your question when I read it. As “vulnerabilities” are not added to ClamAV, signatures that look for the possible presence of a vulnerability in the file being scanned by ClamAV would be the most accurate way of saying that. > On Jan 16, 2025, at 15:20, Marc <m...@f1-outsourcing.eu> wrote: > > I have the impression this is some binary that is being attached, next to > that isn't clamav mostly used as email scanner? ;) > >> Subject: Re: [clamav-users] CVE-2025-21298 vulnerability >> >> ClamAV is an AV/file scanner. Not a Vulnerability scanner. >> >>> On Jan 16, 2025, at 14:36, Marc via clamav-users <clamav- >> us...@lists.clamav.net> wrote: >>> >>> I am just a bit curious are such vulnerabilities added to clamav? >>> >
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
