Date: Sun, 3 May 2015 18:24:35 +0200 From: Sebastian Andrzej Siewior <cve-announce@...breakpoint.cc> To: oss-security@...ts.openwall.com Subject: CVE request - clamav - crash during algorithmic detection on crafted PE file Clamav  is a virus scanning tool which is able to detect malware called "W32.Polipos.A". During its detection it may crash due to an integer underflow while examining its PE-sections. This bug has been fixed  and is part of the 0.98.7 release. This bug has been discovered by AFL , american fuzzy lop  http://www.clamav.net/  https://github.com/vrtadmin/clamav-devel/commit/a7bdfb4f0d3210eeab49280726ff3ea6d703280e  http://lcamtuf.coredump.cx/afl/ Sebastian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.