An off-by-one error was found in the way the hash manager of Clam AntiVirus, a GPL anti-virus toolkit for UNIX, performed scans of messages with certain hashes. A remote attacker could provide a message with a specially crafted hash signature in it, leading to a denial of service (clamscan executable crash).
Upstream bug report:
This issue affects the versions of the clamav package as shipped with Fedora releases 14 and 15. Please schedule an update.
This issue affects the versions of the clamav package, as present within EPEL-4, EPEL-5, and EPEL-6 repositories. Please schedule an update.
Created clamav tracking bugs for this issue
Affects: epel-all [bug 725695]
Affects: fedora-all [bug 725696]
This was assigned CVE-2011-2721: