CVE-2006-4018

Publication date 8 August 2006

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
clamav	7.10 gutsy	Fixed 0.91.2-3ubuntu1
	7.04 feisty	Fixed 0.90.2-0ubuntu1.3
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Fixed 0.88.2-1ubuntu1.3

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-4018