icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ClamAV < 0.88.0 UPX File Processing Overflow

High

Synopsis

The remote host is vulnerable to a heap overflow.

Description

The remote host is running ClamAV, an open-source antivirus solution for Unix and Windows systems. This version of ClamAV is reported to be vulnerable to a flaw where the parsing of a malicious file will cause the clamav process to execute arbitrary code. While the details of the attack are currently unknown, it is rumoured that an attacker exploiting this flaw would only need to be able to craft and send a malformed email to a ClamAV server. Successful exploitation results in the server executing arbitrary code or crashing.

Solution

Upgrade to version 0.88.0 or higher.