Vulnerability CVE-2006-1614: Information
Description
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Severity: MEDIUM (5.1)
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
http://www.overflow.pl/adv/clamavupxinteger.txt | |
http://sourceforge.net/project/shownotes.php?release_id=407078&group_id=86638 | |
DSA-1024 | |
17388 | |
19534 | |
19536 | |
GLSA-200604-06 | |
2006-0020 | |
19570 | |
SUSE-SA:2006:020 | |
19608 | |
19564 | |
19567 | |
24457 | |
1015887 | |
APPLE-SA-2006-05-11 | |
TA06-132A | |
20077 | |
17951 | |
http://up2date.astaro.com/2006/05/low_up2date_6202.html | |
23719 | |
MDKSA-2006:067 | |
ADV-2006-1779 | |
ADV-2006-1258 | |
clamav-pe-overflow(25660) | |
20060406 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration) | |