Unrated severityNVD Advisory· Published May 17, 2006· Updated Jun 16, 2026
CVE-2006-2427
CVE-2006-2427
Description
freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file.
Affected products
4Patches
Vulnerability mechanics
References
7- securitytracker.com/idnvdExploit
- secunia.com/advisories/20085nvdVendor Advisory
- securityreason.com/securityalert/912nvd
- www.digitalmunition.com/DMA%5B2006-0514a%5D.txtnvd
- www.securityfocus.com/archive/1/434008/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1807nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26453nvd
News mentions
0No linked articles in our index yet.