Описание
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.88.2-1ubuntu1.3 |
| devel | released | 0.91.2-3ubuntu1 |
| edgy | released | 0.88.4-1ubuntu2.1 |
| feisty | released | 0.90.2-0ubuntu1.3 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions befor ...
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected.
EPSS
7.5 High
CVSS2