Описание
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.92~dfsg-2~dapper1ubuntu0.1 |
| devel | released | 0.92.1~dfsg-1 |
| edgy | ignored | end of life, was needed |
| feisty | released | 0.90.2-0ubuntu1.6 |
| gutsy | released | 0.91.2-3ubuntu2.3 |
| upstream | released | 0.92.1 |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
Связанные уязвимости
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Integer overflow in the cli_scanpe function in libclamav in ClamAV bef ...
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
EPSS
10 Critical
CVSS2