Your submission was sent successfully! Close

CVE-2014-9050

Published: 24 November 2014

Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.

Priority

Medium

Status

Package Release Status
clamav
Launchpad, Ubuntu, Debian
Upstream
Released (0.98.5)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.98.5+addedllvm-0ubuntu0.14.04.1)
Patches:
Upstream: https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e