Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2013-05-13 16:55
Updated : 2015-09-28 09:31
NVD link : CVE-2013-2020
Mitre link : CVE-2013-2020
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
canonical
- ubuntu_linux
suse
- linux_enterprise_server
clamav
- clamav