Heap-Based Buffer Overflow in ClamAV Affects Users and Applications
CVE-2014-9050

Currently unrated

Key Information:

Vendor

Clamav

Status
Clamav
Vendor
CVE Published:
1 December 2014

What is CVE-2014-9050?

A heap-based buffer overflow vulnerability exists in the cli_scanpe function within ClamAV's library, libclamav/pe.c. This flaw allows attackers to exploit the product by sending specially crafted PE files, leading to potential service disruptions. Users should promptly update their ClamAV installations to version 0.98.5 or later to mitigate this risk. The vulnerability underscores the importance of maintaining up-to-date security measures, particularly for widely used antivirus software.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2014...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2014...
vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/71242
vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.