CVE-2006-4018: Buffer Overflow
First published: Tue Aug 08 2006(Updated: )
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ClamAV | =0.86.2 | |
| ClamAV | =0.81 | |
| ClamAV | =0.86 | |
| ClamAV | =0.85 | |
| ClamAV | =0.84 | |
| ClamAV | =0.86-rc1 | |
| ClamAV | =0.87.1 | |
| ClamAV | =0.88 | |
| ClamAV | =0.86.1 | |
| ClamAV | =0.88.1 | |
| ClamAV | =0.85.1 | |
| ClamAV | =0.81-rc1 | |
| ClamAV | =0.84-rc1 | |
| ClamAV | =0.88.2 | |
| ClamAV | =0.83 | |
| ClamAV | =0.87 | |
| ClamAV | =0.84-rc2 | |
| ClamAV | =0.88.3 | |
| ClamAV | =0.82 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.overflow.pl/adv/clamav_upx_heap.txt
- http://www.clamav.net/security/0.88.4.html
- http://security.gentoo.org/glsa/glsa-200608-13.xml
- http://www.securityfocus.com/bid/19381
- http://secunia.com/advisories/21374
- http://secunia.com/advisories/21368
- http://secunia.com/advisories/21433
- http://www.novell.com/linux/security/advisories/2006_46_clamav.html
- http://securitytracker.com/id?1016645
- http://secunia.com/advisories/21457
- http://kolab.org/security/kolab-vendor-notice-10.txt
- http://www.debian.org/security/2006/dsa-1153
- http://www.trustix.org/errata/2006/0046/
- http://secunia.com/advisories/21443
- http://secunia.com/advisories/21497
- http://secunia.com/advisories/21562
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:138
- http://www.vupen.com/english/advisories/2006/3175
- http://www.vupen.com/english/advisories/2006/3275
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28286
- http://www.securityfocus.com/archive/1/442681/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-4018?
CVE-2006-4018 is considered a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2006-4018?
To mitigate CVE-2006-4018, upgrade ClamAV to version 0.88.4 or later.
Who is affected by CVE-2006-4018?
CVE-2006-4018 affects Clam AntiVirus versions from 0.81 through 0.88.3.
What type of vulnerability is CVE-2006-4018?
CVE-2006-4018 is a heap-based buffer overflow vulnerability.
What can attackers achieve through CVE-2006-4018?
Attackers can execute arbitrary code on the affected system by exploiting CVE-2006-4018.
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/clamav
- canonical/clamav
- version/clamav/0.86.2
- version/clamav/0.81
- version/clamav/0.86
- version/clamav/0.85
- version/clamav/0.84
- version/clamav/0.86-rc1
- version/clamav/0.87.1
- version/clamav/0.88
- version/clamav/0.86.1
- version/clamav/0.88.1
- version/clamav/0.85.1
- version/clamav/0.81-rc1
- version/clamav/0.84-rc1
- version/clamav/0.88.2
- version/clamav/0.83
- version/clamav/0.87
- version/clamav/0.84-rc2
- version/clamav/0.88.3
- version/clamav/0.82