Intrusion Prevention

Clam.AntiVirus.Win32.UPX.Heap.Overflow

Description

This signature indicates a possible attempt to exploit an integer overflow vulnerability in Clam AntiVirus (ClamAV).
The flaw is an integer overflow error in the PE header parser (libclamav/pe.c), which attackers could exploit to compromise a vulnerable system where the "ArchiveMaxFileSize" option has been disabled.

Affected Products

Clam AntiVirus (ClamAV) versions prior to 0.88.1

Impact

The execution of arbitrary code on the system.

Recommended Actions

Upgrade to Clam AntiVirus (ClamAV) version 0.88.1:
http://sourceforge.net/projects/clamav/
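
A triage check for hosts that trigger this signature, as an added example that is not part of the original advisory: it compares a reported ClamAV version with the fixed release 0.88.1 and reads clamd.conf text for the "ArchiveMaxFileSize" precondition. It assumes the option is disabled by a value of 0 and that an absent directive leaves a limit in effect; the function names, version banners and config text are constructed.

```python
import re

FIXED = (0, 88, 1)  # first fixed release named in the advisory

def parse_version(text):
    """Return (major, minor, patch) from a string such as 'ClamAV 0.88/1365/...'."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def archive_limit_disabled(conf_text):
    """True if any ArchiveMaxFileSize directive is set to 0.

    Assumptions: 0 means "no limit", and an absent directive leaves the
    built-in (non-zero) limit in effect.
    """
    disabled = False
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if len(fields) == 2 and fields[0] == "ArchiveMaxFileSize":
            m = re.fullmatch(r"(\d+)[KkMm]?", fields[1])
            if not m:
                raise ValueError(f"unparseable ArchiveMaxFileSize: {fields[1]!r}")
            disabled = disabled or int(m.group(1)) == 0
    return disabled

def assess(version_text, conf_text):
    """Classify a host as 'patched', 'upgrade' or 'upgrade-urgent'."""
    if parse_version(version_text) >= FIXED:
        return "patched"
    # Older than 0.88.1: upgrade either way. A disabled limit is the
    # precondition the advisory names, so those hosts go first.
    return "upgrade-urgent" if archive_limit_disabled(conf_text) else "upgrade"

# Constructed sample input (not taken from a real host).
SAMPLE_CONF = """\
# clamd.conf (constructed)
ScanArchive
ArchiveMaxFileSize 0   # limit switched off
"""

if __name__ == "__main__":
    for banner in ("ClamAV 0.88/1365/constructed", "ClamAV 0.88.1/1365/constructed"):
        print(banner, "->", assess(banner, SAMPLE_CONF))
```

A result of "upgrade" still means the host runs an affected version; the config check only orders the upgrade queue.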

CVE References

CVE-2006-1614