Medium Nessus Plugin ID 24426
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:046 (clamav).
Damian Put discovered a bug in the UPX decoder used for scanning UPX compressed Windows executables. The bug allows for a heap buffer overflow and may potentially be exploitable to execute arbitrary code. ClamAV has been version updated to version 0.88.4 in order to fix this problem.