Lucene search
FreeBSD612A34EC-81DC-11DA-A043-0002A5C3D308HistoryJan 09, 2006 - 12:00 a.m.
clamav -- possible heap overflow in the UPX code
2006-01-0900:00:00
vuxml.freebsd.org
18
0.374 Low
EPSS
Percentile
97.2%
The Zero Day Initiative reports:
This vulnerability allows remote attackers to execute
arbitrary code on vulnerable Clam AntiVirus
installations. Authentication is not required to exploit
this vulnerability.
This specific flaw exists within libclamav/upx.c during
the unpacking of executable files compressed with UPX. Due
to an invalid size calculation during a data copy from the
user-controlled file to heap allocated memory, an
exploitable memory corruption condition is created.
Related
nessus
nessus
Debian DSA-947-2 : clamav - heap overflow
2006-10-14 00:00:00
GLSA-200601-07 : ClamAV: Remote execution of arbitrary code
2006-01-15 00:00:00
securityvulns
securityvulns
cve
cve
CVE-2006-0162
2006-01-10 19:03:00
prion
prion
Heap overflow
2006-01-10 19:03:00
openvas
openvas
SLES9: Security update for clamav
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200601-07 (clamav)
2008-09-24 00:00:00
Debian Security Advisory DSA 947-1 (clamav)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 947-2] New clamav packages fix heap overflow
2006-01-25 00:00:00
[SECURITY] [DSA 947-1] New ClamAV packages fix heap overflow
2006-01-20 00:00:00
[SECURITY] [DSA 947-1] New ClamAV packages fix heap overflow
2006-01-20 10:57:26
cvelist
cvelist
CVE-2006-0162
2006-01-10 19:00:00
debiancve
debiancve
CVE-2006-0162
2006-01-10 19:03:00
zdi
zdi
Clam AntiVirus UPX Unpacking Code Execution Vulnerability
2006-01-12 00:00:00
ubuntucve
ubuntucve
CVE-2006-0162
2006-01-10 00:00:00
cert
cert
gentoo
gentoo
ClamAV: Remote execution of arbitrary code
2006-01-13 00:00:00