ClamAV 'petite.c' Invalid Memory Access Denial Of Service Vulnerability

info
discussion
exploit
solution
references

ClamAV 'petite.c' Invalid Memory Access Denial Of Service Vulnerability

ClamAV is prone to a denial-of-service vulnerability caused by an invalid memory access during a 'memcpy()' call.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed.

Versions prior to ClamAV 0.93.1 are vulnerable.