Red Hat Bugzilla – Bug 442741
CVE-2008-1833 clamav: PE WWPack Heap Overflow Vulnerability
Last modified: 2008-06-19 06:49:51 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1833 to the following vulnerability:
Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote
attackers to execute arbitrary code via a crafted WWPack compressed PE
Fixed in 0.93.
this was really fixed in 0.93-rc1 and only announce after 0.93.
clamav-0.92.1-2.fc7 has been submitted as an update for Fedora 7
clamav-0.92.1-2.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
clamav-0.92.1-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: