In association with heise online

08 August 2006, 11:33

ClamAV can trip over UPX-compressed .EXEs

A vulnerability in the open source virus scanner ClamAV enables attackers to execute arbitrary code on affected computers. The error can arise during the unpacking of programs compressed using the commonly used UPX format.

In a security advisory from, the hole's discoverer also linked to proof-of-concept code that exploits the vulnerability. ClamAV version 0.88.3 is affected, as in all likelihood are older versions.

The project's homepage is now offering version 0.88.4, which purportedly no longer contains the flaw. All users of ClamAV, in particular (mail) server administrators who rely on ClamAV, should update to the newer version ASAP.
