Back to search
CVE-2006-4018
Published: Aug 8, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2006-3175
vdb-entry
x_refsource_VUPEN
20060809 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow
mailing-list
x_refsource_BUGTRAQ
21562
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2006:046
vendor-advisory
x_refsource_SUSE
21368
third-party-advisory
x_refsource_SECUNIA
21433
third-party-advisory
x_refsource_SECUNIA
GLSA-200608-13
vendor-advisory
x_refsource_GENTOO
21497
third-party-advisory
x_refsource_SECUNIA
http://kolab.org/security/kolab-vendor-notice-10.txt
x_refsource_CONFIRM
DSA-1153
vendor-advisory
x_refsource_DEBIAN
21443
third-party-advisory
x_refsource_SECUNIA
MDKSA-2006:138
vendor-advisory
x_refsource_MANDRIVA
19381
vdb-entry
x_refsource_BID
1016645
vdb-entry
x_refsource_SECTRACK
http://www.overflow.pl/adv/clamav_upx_heap.txt
x_refsource_MISC
http://www.clamav.net/security/0.88.4.html
x_refsource_CONFIRM
clamav-pefromupx-bo(28286)
vdb-entry
x_refsource_XF
2006-0046
vendor-advisory
x_refsource_TRUSTIX
21457
third-party-advisory
x_refsource_SECUNIA
21374
third-party-advisory
x_refsource_SECUNIA
ADV-2006-3275
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now