CVE-2010-1640

Name of the Vulnerable Software and Affected Versions ClamAV version 0.96

Description The issue is related to an off-by-one error in the parseicon function, which can cause a denial of service (crash) when processing a crafted PE icon. This occurs due to an out-of-bounds read triggered by improper rounding during scaling.

Recommendations For ClamAV version 0.96, consider updating to a newer version that addresses this issue, as the current version is affected by the off-by-one error in the parseicon function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.