Date: Sun, 3 May 2015 18:24:35 +0200 From: Sebastian Andrzej Siewior <cve-announce@...breakpoint.cc> To: oss-security@...ts.openwall.com Subject: CVE request - clamav - crash during algorithmic detection on crafted PE file Clamav  is a virus scanning tool which is able to detect malware called "W32.Polipos.A". During its detection it may crash due to an integer underflow while examining its PE-sections. This bug has been fixed  and is part of the 0.98.7 release. This bug has been discovered by AFL , american fuzzy lop  http://www.clamav.net/  https://github.com/vrtadmin/clamav-devel/commit/a7bdfb4f0d3210eeab49280726ff3ea6d703280e  http://lcamtuf.coredump.cx/afl/ Sebastian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ