Intrusion Prevention

ClamAV.libclamav.PE.File.Handling.Integer.Overflow

Description

This indicates an attempt to exploit an integer overflow vulnerability in Clam AntiVirus (ClamAV).
The vulnerability is caused by an integer overflow error that occurs in the "libclamav/pe.c" file when handling certain PE files. It can be exploited to crash the application or execute arbitrary code.

Affected Products

ClamAV prior to 0.92.1

Impact

System Compromise: remote code execution.
Denial of Service.

Recommended Actions

Upgrade to the latest version of ClamAV (0.92.1 or later):
http://sourceforge.net/project/shownotes.php?release_id=575703.

CVE References

CVE-2008-0318