Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.92.0 PE File Handling Integer Overflow (deprecated)



The remote host is vulnerable to a buffer overflow.


The remote host is running the ClamAV antivirus client.

This version of ClamAV is vulnerable to a remote integer overflow due to a content-parsing flaw when handling malformed PE files. An attacker exploiting this flaw would only need the ability to send a malformed attachment to a system protected by ClamAV. Successful exploitation would result in the attacker overwriting critical memory blocks and either crashing the service or executing arbitrary code.


Upgrade to version 0.92.0 or higher.