13 matches found
Updated upx packages fix security vulnerability
The updated package fixes security vulnerabilities: An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an...
CVE-2019-14295
CVE-2019-14295 affects UPX 3.95: an Integer overflow in getElfSections (p_vmlinx.cpp) can cause a DoS crash by allocating excessive memory when a crafted skewed offset exceeds the PE section size in a UPX-packed executable. Related CVE-2019-14296 canUnpack in the same file may cause SEGV/buffer o...
CVE-2019-14295
An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory...
CVE-2013-2020
Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...
Integer overflow
Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...
CVE-2013-2020
Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...
CVE-2013-2020
CVE-2013-2020 concerns ClamAV before 0.97.8 where an integer underflow in cli_scanpe (pe.c) can trigger an out-of-bounds read when parsing UPX-packed executables with a skewed offset, allowing a remote denial-of-service (crash). Public references in OpenVAS/SUSE advisories corroborate the issue a...
ClamAV < 0.97.8 Multiple Vulnerabilities
According to its version, the ClamAV clamd antivirus daemon on the remote host is earlier than 0.97.8 and is, therefore, potentially affected by the following vulnerabilities : - An overflow condition exists in the 'getsisstring' function in 'libclamav/sis.c' when handling SIS content. This flaw...
CVE-2013-2020
Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...
CVE-2005-2920
Buffer overflow in libclamav/upx.c in Clam AntiVirus ClamAV before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable...
CVE-2005-2920
Buffer overflow in libclamav/upx.c in Clam AntiVirus ClamAV before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable...
CVE-2005-2920
Buffer overflow in libclamav/upx.c in Clam AntiVirus ClamAV before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable...
CVE-2005-2920
CVE-2005-2920 : ClamAV is affected by a buffer overflow in libclamav/upx.c when processing UPX-packed executables. The issue allows a remote attacker to potentially execute arbitrary code by sending a crafted UPX-packed file. Public entries and advisories confirm this in ClamAV versions prior to ...