Red Hat Bugzilla – Bug 201688
Clam AntiVirus Win32-UPX Heap Overflow
Last modified: 2007-11-30 17:11:39 EST
Description of problem:
Remote exploitation of a heap overflow vulnerability could allow execution of
arbitrary code or cause denial of service.
Vulnerability exists in pefromupx() function, that is used to buil Win32 PE file
from UPX packed file.
Version-Release number of selected component (if applicable):
This is already fixed in 0.88.4.