[Pkg-clamav-devel] Bug#770985: Bug#770985: clamav: heap buffer overflow when scanning a specially crafted y0da Crypter obfuscated PE file

Sebastian Andrzej Siewior sebastian at breakpoint.cc
Tue Nov 25 21:18:21 UTC 2014


On Tue, Nov 25, 2014 at 07:07:30PM +0100, Ralf Hildebrandt wrote:
> Version: 0.98.1+dfsg-1+deb6u3

> A heap buffer overflow was reported in [1] in ClamAV when scanning a
> specially crafted y0da Crypter obfuscated PE file.
> Note that this is remotely exploitable when ClamAV is used as a mail
> gateway scanner.

We are aware of the situation; a stable upload is already waiting. Please
note that there won't be an update for Squeeze unless the LTS team does so.

Sebastian


