In association with heise online

04 December 2008, 11:25

ClamAV 0.94.2 resolves buffer overflow when scanning JPGs

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

With the release of version 0.94.2, the developers of ClamAV have fixed a flaw that could crash the scanner when it is parsing malformed jpegs. This is caused by a recursive buffer overflow that occurs when scanning thumbnails contained in the images. The thumbnails themselves are jpegs, and they are checked by the same ClamAV function cli_check_jpeg_exploit in libclamav/special.c used to check the original images.

The report says that the thumbnail can contain a further thumbnail which, because there are no recursion limits, will result in an overflow if malformed images are scanned. The update sets a recursion limit.

ClamAV has been using Twitter since the beginning of November to keep users informed of the latest developments, such as the release of new signatures.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit