CVE-2006-4018

EPSS 44.6%

clamav - buffer overflow

Published: 8/8/2006Modified: 4/28/2026

Description

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.

Affected packages (2)

Debian/clamavfrom 0, < 0.88.4-1
Debian/clamavfrom 0, < 0.84-2.sarge.10

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4018