CVE-2006-1614
clamav - heap overflow
EPSS 28.2%
Description
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
How to fix CVE-2006-1614
To remediate CVE-2006-1614, upgrade the affected package to a fixed version below.
- Debian/clamav—upgrade to 0.88.1-1 or later
- Debian/clamav—upgrade to 0.84-2.sarge.8 or later
Is CVE-2006-1614 being exploited?
Moderate — EPSS is 28.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.88.1-1
- from 0, < 0.84-2.sarge.8