6.4 Medium
AI Score
Confidence
High
0.056 Low
EPSS
Percentile
93.2%
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.