The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-base" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-daemon" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-dbg" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-docs" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-freshclam" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-milter" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "clamav-testfiles" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "libclamav-dev" }, { "binary_version": "0.98.7+dfsg-0ubuntu0.14.04.1", "binary_name": "libclamav6" } ] }