The rfc2231 function in message.c in libclamav in ClamAV prior to 0.93 allows remote malicious users to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clam anti-virus clamav 0.90_rc3 |
||
clam anti-virus clamav 0.90rc1 |
||
clam anti-virus clamav 0.91 |
||
clam anti-virus clamav 0.92 |
||
clam anti-virus clamav 0.90_rc1.1 |
||
clam anti-virus clamav 0.90_rc2 |
||
clam anti-virus clamav 0.90 |
||
clam anti-virus clamav 0.90.1 |