unrar.c in libclamav in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clam anti-virus clamav 0.90_rc3 |
||
clam anti-virus clamav 0.90.2 |
||
clam anti-virus clamav 0.90_rc1.1 |
||
clam anti-virus clamav 0.90_rc2 |
||
clam anti-virus clamav 0.90 |
||
clam anti-virus clamav 0.90.1 |