CVE-2010-4261

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 0.96.5

Description The issue is related to an off-by-one error in the icon cb function in pe icons.c in libclamav. This error can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or potentially execute arbitrary code.

Recommendations For versions prior to 0.96.5, update to version 0.96.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the icon cb function in pe icons.c until the update is applied.