Cisco · Clamav · CVE-2015-2668
**Name of the Vulnerable Software and Affected Versions**
ClamAV versions prior to 0.98.7
**Description**
The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by using a crafted xz archive file.
**Recommendations**
For versions prior to 0.98.7, update to version 0.98.7 or later to resolve the issue.