ClamAV prior to 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clamav clamav |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
debian debian linux 8.0 |