It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.
In the default installation, attackers would be isolated by the ClamAV AppArmor profile.
{ "availability": "No subscription required", "binaries": [ { "clamav-docs": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-testfiles": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-base": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-freshclam": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-milter": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-daemon": "0.98.7+dfsg-0ubuntu0.14.04.1", "libclamav6": "0.98.7+dfsg-0ubuntu0.14.04.1", "libclamav-dev": "0.98.7+dfsg-0ubuntu0.14.04.1", "clamav-dbg": "0.98.7+dfsg-0ubuntu0.14.04.1" } ] }