{"vuid":"VU#180864","idnumber":"180864","name":"Clam AntiVirus fails to properly handle crafted Portable Executable (PE) files","keywords":["Clam AntiVirus","ClamAV","DoS","denial of service","Portable Executable","PE","heap-based buffer overflow","apple-2006-007"],"overview":"A vulnerability in the way Clam AntiVirus processes Portable Executable (PE) files may lead to execution of arbitrary code.","clean_desc":"Clam AntiVirus is a GPL virus scanner that has built-in support for for a number of file types including PE. According to iDefense Public Advisory: 10.15.06: While processing certain PE elements, two variables can be very large and integer overflow could occur. This would result in less memory being allocated than was expected by the programmer and subsequent code would overflow the heap buffer. Note that an attacker must send a specially crafted PE file through any email gateway or personal anti-virus client that employs the Clam AntiVirus scanning engine in order to exploit this vulnerability.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.","resolution":"Update\nClam AntiVirus has released an updated version to address this issue. Refer to File Release Notes and Changelog for Clam AntiVirus 0.88.5.","workarounds":"","sysaffected":"","thanks":"This issue was reported in \nFile Release Notes and Changelog for Clam AntiVirus 0.88.5","author":"This document was written by Chris Taschner.","public":["http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422","http://kolab.org/security/kolab-vendor-notice-13.txt","http://www.securityfocus.com/bid/20535","http://www.frsirt.com/english/advisories/2006/4034","http://www.frsirt.com/english/advisories/2006/4136","http://securitytracker.com/id?1017068","http://secunia.com/advisories/22370","http://secunia.com/advisories/22421","http://secunia.com/advisories/22498","http://secunia.com/advisories/22488","http://secunia.com/advisories/22537","http://xforce.iss.net/xforce/xfdb/29607"],"cveids":["CVE-2006-4182"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-10-26T15:47:58Z","publicdate":"2006-10-16T00:00:00Z","datefirstpublished":"2006-11-07T21:37:12Z","dateupdated":"2006-11-07T21:41:38Z","revision":14,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"7","cam_population":"7","cam_impact":"20","cam_easeofexploitation":"9","cam_attackeraccessrequired":"20","cam_scorecurrent":"10.395","cam_scorecurrentwidelyknown":"12.7575","cam_scorecurrentwidelyknownexploited":"22.2075","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.395,"vulnote":null}