CVE-2008-6680

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 0.95

Description The issue allows remote attackers to cause a denial of service, potentially leading to disruption of protected information. This can be achieved by exploiting a divide-by-zero error triggered by a crafted EXE file. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided.

Recommendations For versions prior to 0.95, update to version 0.95 or later to resolve the issue. As a temporary workaround, consider restricting access to the libclamav/pe.c component to minimize the risk of exploitation. Avoid processing crafted EXE files until the issue is resolved.