Cisco · Clamav · CVE-2014-9050
**Name of the Vulnerable Software and Affected Versions**
ClamAV versions prior to 0.98.5
**Description**
The issue is related to a heap-based buffer overflow in the `cli scanpe` function, which can be triggered by a crafted y0da Crypter PE file, allowing remote attackers to cause a denial of service (crash).
**Recommendations**
For versions prior to 0.98.5, update to version 0.98.5 or later to resolve the issue.