ClamAV.UPX.File.Handling.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in Clam AV.
The vulnerability can be exploited via a crafted UPX compressed executable file with illegal parameters in the UPX1 section. This allows a remote attacker to execute arbitrary code on a vulnerable system with root privileges.
Affected Products
Clam AntiVirus: Clam AntiVirus 0.87 and prior.
Impact
System compromise: remote code execution.
Recommended Actions
Apply the appropriate patch for your system.
http://www.clamav.net
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |