Threat Encyclopedia

Clam.AntiVirus.Win32.UPX.Heap.Overflow

description-logoDescription

It indicates a possible exploit of an integer overflow vulnerability in Clam AntiVirus (ClamAV).
This flaw is due to an integer overflow error in the PE header parser [libclamav/pe.c], which could be exploited by attackers to compromise a vulnerable system where the "ArchiveMaxFileSize" option has been disabled.

affected-products-logoAffected Products

Clam AntiVirus (ClamAV) versions prior to 0.88.1

Impact logoImpact

The execution of arbitrary code on the system.

recomended-action-logoRecommended Actions

Upgrade to Clam AntiVirus (ClamAV) version 0.88.1 :
http://sourceforge.net/projects/clamav/

CVE References

CVE-2006-1614

Telemetry logoTelemetry