Gentoo Linux Security Advisory 201405-8 - Multiple vulnerabilities have been found in ClamAV, the worst of which could lead to arbitrary code execution. Versions less than 0.98 are affected.
ca4bbc6bfc70c0a007ce852addec82b460b849ba6619d6a1566c5cc794ad74fc
Apple Security Advisory 2013-09-17-1 - OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
c516deac95bf69d79df1127a6874872a55731b550670e67d4698fcc32e5a44ee
Ubuntu Security Notice 1816-1 - It was discovered that ClamAV would incorrectly parse a UPX-packed executable, leading to possible inappropriate heap reads. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that ClamAV would incorrectly parse a PDF document, potentially writing beyond the size of a static array. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
90798497ba4abf490f735c6afa7553a3509238ab51935fd03002e4d999c514b4
Mandriva Linux Security Advisory 2013-159 - ClamAV 0.97.8 addresses several reported potential security bugs.
68cc0cc22a4ed195526f56899d1de26e093221267702011cafeb39641c3d6282