CVE-2008-0318

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 0.92.1

Description The issue is related to an integer overflow in the cli scanpe function within the libclamav library of ClamAV. This overflow can be triggered by remote attackers using a crafted Petite packed PE file, potentially leading to a denial of service and possibly allowing the execution of arbitrary code due to a heap-based buffer overflow.

Recommendations For versions prior to 0.92.1, update to version 0.92.1 or later to resolve the issue. As a temporary workaround, consider restricting the processing of Petite packed PE files until the update is applied.