Daehui Chang

**Name of the Vulnerable Software and Affected Versions** Clam AntiVirus (ClamAV) version 0.102.2 **Description** A vulnerability in the ARJ archive parsing module could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The issue is due to a heap buffer overflow read. An attacker could exploit this by sending a crafted ARJ file to an affected device, potentially causing the ClamAV scanning process to crash. **Recommendations** For version 0.102.2, consider updating to a newer version that addresses the heap buffer overflow read issue in the ARJ archive parsing module to prevent denial of service conditions. As a temporary workaround, consider restricting the processing of ARJ files until a patch is available.