Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-05-13T23:00:00
Updated: 2014-12-09T18:57:01
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2020
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-05-13T23:55:02.243
Modified: 2015-09-28T16:31:08.163
Link: CVE-2013-2020
JSON object: View
Redhat Information
No data.
CWE