Threat Encyclopedia



It indicates a possible exploit of an integer overflow vulnerability in Clam AntiVirus (ClamAV).
This flaw is due to an integer overflow error in the PE header parser [libclamav/pe.c], which could be exploited by attackers to compromise a vulnerable system where the "ArchiveMaxFileSize" option has been disabled.

affected-products-logoAffected Products

Clam AntiVirus (ClamAV) versions prior to 0.88.1

Impact logoImpact

The execution of arbitrary code on the system.

recomended-action-logoRecommended Actions

Upgrade to Clam AntiVirus (ClamAV) version 0.88.1 :

CVE References


Telemetry logoTelemetry