Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.88.0 UPX File Processing Overflow (deprecated)



The remote host is vulnerable to a heap overflow.


The remote host is running ClamAV, an open-source antivirus solution for Unix and Windows systems. This version of ClamAV is reported to be vulnerable to a flaw where the parsing of a malicious file will cause the clamav process to execute arbitrary code. While the details of the attack are currently unknown, it is rumoured that an attacker exploiting this flaw would only need to be able to craft and send a malformed email to a ClamAV server. Successful exploitation results in the server executing arbitrary code or crashing.


Upgrade to version 0.88.0 or higher.