Description: Two vulnerabilities have been reported in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1) An out-of-bounds memory access error in the CHM (Compressed HTML Help) unpacker in chmunpack.c can be exploited to crash the virus scanning service via a specially crafted CHM file.
2) An integer overflow error in rebuildpe.c when rebuilding PE files after unpacking can be exploited to cause a heap-based buffer overflow via a specially crafted executable.
Successful exploitation of this vulnerability may allow execution of arbitrary code.
The vulnerabilities are reported in version 0.88.4. Prior versions may also be affected.
Solution: Update to version 0.88.5.
Provided and/or discovered by: Discovered by an anonymous person and Damian Put and reported via iDefense Labs.
Changelog: 2006-10-17: Added details provided by iDefense Labs.
2006-11-08: Added link to US-CERT.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.