Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "clamav-docs": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-testfiles": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-base": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-freshclam": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-milter": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-daemon": "0.98.5+addedllvm-0ubuntu0.14.04.1", "libclamav6": "0.98.5+addedllvm-0ubuntu0.14.04.1", "libclamav-dev": "0.98.5+addedllvm-0ubuntu0.14.04.1", "clamav-dbg": "0.98.5+addedllvm-0ubuntu0.14.04.1" } ] }