Jamie Strandboge | 21 May 17:18 2010

CVE Request: off by one DoS in pe_icons.c

Though the bug report and patch have very little details, our clamav
maintainer confirmed with upstream that the following commit fixes a DoS
via off by one error. It only affects 0.96 (code not present in earlier
versions). A quick look at the code and patch suggests an out of bounds
access on the dynamically allocated *imagedata array.



Jamie Strandboge             | http://www.canonical.com