CVE-2010-4261

Publication date 7 December 2010

Last updated 24 July 2024


Ubuntu priority

Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

Read the notes from the security team

Status

Package Ubuntu Release Status
clamav 10.10 maverick
Fixed 0.96.3+dfsg-2ubuntu1.2
10.04 LTS lucid
Fixed 0.96.3+dfsg-2ubuntu1.0.10.04.2
9.10 karmic
Not affected
8.04 LTS hardy
Not affected
6.06 LTS dapper
Not affected

Notes


jdstrand

pe_icons.c was introduced in 0.96

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
clamav

References

Related Ubuntu Security Notices (USN)

    • USN-1031-1
    • ClamAV vulnerabilities
    • 10 December 2010

Other references