oss-sec mailing list archives
CVE request - clamav - crash during algorithmic detection on crafted PE file
From: Sebastian Andrzej Siewior <cve-announce () ml breakpoint cc>
Date: Sun, 3 May 2015 18:24:35 +0200
Clamav [0] is a virus scanning tool which is able to detect malware called "W32.Polipos.A". During its detection it may crash due to an integer underflow while examining its PE-sections. This bug has been fixed [1] and is part of the 0.98.7 release. This bug has been discovered by AFL [3], american fuzzy lop [0] http://www.clamav.net/ [1] https://github.com/vrtadmin/clamav-devel/commit/a7bdfb4f0d3210eeab49280726ff3ea6d703280e [2] http://lcamtuf.coredump.cx/afl/ Sebastian
Current thread:
- CVE request - clamav - crash during algorithmic detection on crafted PE file Sebastian Andrzej Siewior (May 03)