[Pkg-clamav-devel] Bug#770985: clamav: heap buffer overflow when scanning a specially crafted y0da Crypter obfuscated PE file
Ralf Hildebrandt
ralf.hildebrandt at charite.de
Tue Nov 25 18:07:30 UTC 2014
Package: clamav
Version: 0.98.1+dfsg-1+deb6u3
Severity: important
Dear Maintainer,
A heap buffer overflow was reported in [1] in ClamAV when scanning a
specially crafted y0da Crypter obfuscated PE file.
Note that this is remotely exploitable when ClamAV is used as a mail
gateway scanner.
Upstream fix is available here: [2].
ClamAV 0.98.5 contains the above fix.
Additional references:
[1] https://bugzilla.clamav.net/show_bug.cgi?id=11155
[2] https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e
-- System Information:
Debian Release: jessie/sid
APT prefers utopic-updates
APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the Pkg-clamav-devel
mailing list