DoS vulnerability in ClamAV fixed
Version 0.93.1 of the free ClamAV virus scanner fixes a problem which occurs when processing compressed files. Executable files compressed with the Petite packer may provoke a memory error and cause the scanner to crash in certain circumstances. Attackers can exploit this flaw to carry out DoS attacks on mail gateways which use ClamAV to scan attachments.
Affected are all versions up to 0.93.1. ClamAV 0.93.1 also offers improved handling of PDF, CAB, RTF, OLE2 and HTML files and fixes several other problems.
See also:
- Invalid memory access in petite, entry in ClamAV bug database
(trk)