Bug 201688 - (CVE-2006-4018) Clam AntiVirus Win32-UPX Heap Overflow
Clam AntiVirus Win32-UPX Heap Overflow
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: clamav (Show other bugs)
4
All Linux
medium Severity urgent
: ---
: ---
Assigned To: Enrico Scholz
Fedora Extras Quality Assurance
http://www.overflow.pl/adv/clamav_upx...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-08 07:05 EDT by Dirk Nehring
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version: 0.88.5-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-11-06 08:39:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dirk Nehring 2006-08-08 07:05:25 EDT
Description of problem:
Remote exploitation of a heap overflow vulnerability could allow execution of
arbitrary code or cause denial of service.

Vulnerability exists in pefromupx() function, that is used to buil Win32 PE file
from UPX packed file.

Version-Release number of selected component (if applicable):

0.88.3
Comment 1 Lubomir Kundrak 2006-09-14 11:18:29 EDT
CVE-2006-4018
This is already fixed in 0.88.4.

Note You need to log in before you can comment on or make changes to this bug.