Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4018 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Clamav

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources

Severity

7.8HIGHNVD

NVD7.5OSV7.5

EPSS

44.6%

top 2.42%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Clamav Debian Clamav

Timeline

PublishedAug 8

Latest updateMay 1

Description

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/clamav< clamav 0.88.4-1 (bookworm)

▶Debianclamav/clamav< 0.88.4-1+3

▶NVDclamav/clamav15 versions+14

Patches

Patch: www.clamav.net ↗Patch: www.overflow.pl ↗Patch: www.clamav.net ↗

🔴Vulnerability Details

GHSA

GHSA-4jgv-gpc4-9rmg: Heap-based buffer overflow in the pefromupx function in libclamav/upx↗2022-05-01

▶

GHSA

GHSA-9xg5-vc2j-8rf8: Multiple unspecified vulnerabilities in SnapGear before 3↗2022-05-01

▶

OSV

CVE-2006-4018: Heap-based buffer overflow in the pefromupx function in libclamav/upx↗2006-08-08

▶

💥Exploits & PoCs

Exploit-DB

Clam Anti-Virus ClamAV 0.88.x - UPX Compressed PE File Heap Buffer Overflow↗2006-08-07

▶

📋Vendor Advisories

Debian

CVE-2006-4018: clamav - Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam ...↗2006

▶

💬Community

Bugzilla

Clam AntiVirus Win32-UPX Heap Overflow↗2006-08-08

▶