ClamAV.UPX.File.Handling.Integer.Overflow

description-logoDescription

This indicates an attack attempt to exploit an Integer Overflow vulnerability in ClamAV antivirus.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted UPX-packed executable files. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system, via a crafted file.

affected-products-logoAffected Products

ClamAV Clam AntiVirus Prior to 0.98.7

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the vendor's website.
http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)