ClamAV.libclamav.MEW.PE.File.Handling.Integer.Overflow

description-logoDescription

This indicates an attempt to exploit an integer overflow vulnerability in ClamAV.
The vulnerability can be triggered when the application processes malformed PE files. An unauthenticated attacker can exploit this vulnerability by delivering a crafted PE file to the scanning service, resulting in injection and execution of arbitrary code.

affected-products-logoAffected Products

Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Clam Anti-Virus ClamAV 0.91.2

Impact logoImpact

System Compromise: remote code execution.

recomended-action-logoRecommended Actions

Upgrade to the latest version of Clam AntiVirus (0.92 or later):
http://www.clamav.net/.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)