CVE-2006-0162 - Clamav buffer overflow vulnerability
Bug #31430 reported by
Jeff Balderson
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| clamav (Ubuntu) |
Fix Released
|
High
|
MOTU | ||
| Hoary |
Invalid
|
Medium
|
Unassigned | ||
| Breezy |
Invalid
|
Medium
|
Unassigned | ||
Bug Description
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
http://
This has been fixed in Debian Sarge since Jan 21 2006:
http://
Please update packages for both Hoary and Breezy.
CVE References
| Changed in clamav: | |
| assignee: | nobody → motu |
Revision history for this message
| Martin Pitt (pitti) wrote | #1 |
| Changed in clamav: | |
| status: | Unconfirmed → Confirmed |
Revision history for this message
| Patrick Ancillotti (patricka) wrote | #2 |
Revision history for this message
| Vassilis Pandis (pandisv) wrote | #3 |
Revision history for this message
| Vassilis Pandis (pandisv) wrote | #4 |
Revision history for this message
| Vassilis Pandis (pandisv) wrote | #5 |
| Changed in clamav: | |
| status: | Unconfirmed → Rejected |
| status: | Unconfirmed → Rejected |
Revision history for this message
| Vassilis Pandis (pandisv) wrote | #6 |
| Changed in clamav: | |
| status: | Confirmed → Fix Released |
| Changed in ubp-hoary: | |
| status: | Unconfirmed → Rejected |
| Changed in breezy-backports: | |
| status: | Unconfirmed → Rejected |
To post a comment you must log in.
Fixed in dapper, up to date in ubuntu-cve
http://