Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Jamie Strandboge <jamie-Z7WLFzj8eWMS+FvcfC7Uqw <at> public.gmane.org>
Subject: CVE Request: off by one DoS in pe_icons.c
Newsgroups: gmane.comp.security.oss.general
Date: Friday 21st May 2010 15:18:59 UTC (over 6 years ago)
Though the bug report and patch have very little details, our clamav
maintainer confirmed with upstream that the following commit fixes a DoS
via off by one error. It only affects 0.96 (code not present in earlier
versions). A quick look at the code and patch suggests an out of bounds
access on the dynamically allocated *imagedata array.

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031
http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=7f0e3bbf77382d9782e0189bf80f5f59a95779b3


-- 
Jamie Strandboge             | http://www.canonical.com
 
CD: 2ms