Description of problem: Remote exploitation of a heap overflow vulnerability could allow execution of arbitrary code or cause denial of service. Vulnerability exists in pefromupx() function, that is used to buil Win32 PE file from UPX packed file. Version-Release number of selected component (if applicable): 0.88.3
CVE-2006-4018 This is already fixed in 0.88.4.