|
|
|||
| Rule General Information |
|---|
| Release Date: | 2010-03-09 | |
| Rule Name: | ClamAV libclamav MEW PE File Handling integer Overflow Vulnerability (CVE-2007-6335) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow. | |
| Impact: | Remote code execution | |
| Affected OS: | Others | |
| Reference: | SecurityFocusBID:26927 ExploitDB:4862 http://docs.info.apple.com/article.html?artnum=307562 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634 |
|
| Solutions |
|---|
| Update vendor's patch. |