Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Best Practical Solutions RT 3.2.0 Release Candidate 4
Suse Linux enterprise server 11.0 Sp1 (not an official CPE)
Suse Linux enterprise server 11.0 Sp2 (not an official CPE)
Best Practical Solutions RT 3.2.1
Best Practical Solutions RT 3.2.1 Release Candidate 1
Best Practical Solutions RT 3.2.0 Release Candidate 3
Best Practical Solutions RT 3.2.0 Release Candidate 1
Cisco IOS 12.1 (19)E6
Cisco IOS 12.1(16)
Cisco IOS 12.1 (20)
Cisco IOS 12.1(20)EO
Cisco IOS 12.1 (2)XF5
Cisco IOS 12.1 (13)EW4
Cisco IOS 12.1 (14)E4
Cisco IOS 12.1 (13)EA1
Cisco IOS 12.1 release 14.5
Cisco IOS 12.1 (13)EW
Cisco IOS 12.1 (14)EB
Cisco IOS 12.1 (2)XF
Cisco IOS 12.1(2)T
Cisco IOS 12.1 (19)EW
Cisco IOS 12.1 (2)XF4
Cisco IOS 12.1 (19)EC
Cisco IOS 12.1(19)E1
Cisco IOS 12.1 (19)EW3
Cisco IOS 12.1(18)
Cisco IOS 12.1 (13)E7
Cisco IOS 12.1 (14)E1
Cisco IOS 12.1 (2)E1
Cisco IOS 12.1 (19)E
Cisco IOS 12.1 (20)E1
Cisco IOS 12.1 (1c)
Cisco IOS 12.1 (20)E2
Cisco IOS 12.1 (20)EC2
Cisco IOS 12.1 (20)EC
Cisco IOS 12.1 (14)E9
Cisco IOS 12.1 (20)EA1a
Cisco IOS 12.1 (20)EA1
Cisco IOS 12.1 (15)BC1
Cisco IOS 12.1 (14)EA1
Cisco IOS 12.1 (18.4)
Cisco IOS 12.1 (20)EC1
Cisco IOS 12.1 (1a)T1
Cisco IOS 12.1 (20)E
Cisco IOS 12.1(13)E9
Cisco IOS 12.1 (20)EW4
Cisco IOS 12.1 (20)EW1
Cisco IOS 12.1 (20)EW
Cisco IOS 12.1 (13.4)E
Cisco IOS 12.1 (20)EO3
Cisco IOS 12.1 (20)EO1
Cisco IOS 12.1 (20)E5
Cisco IOS 12.1 (13)EA1c
Cisco IOS 12.1 (20)E3
Cisco IOS 12.1 (19.3)E
Cisco IOS 12.1 (19)FC1
Cisco IOS 12.1 (14)E10
Cisco IOS 12.1(19)
Cisco IOS 12.1 (13)EX2
Cisco IOS 12.1 release 14