Vigil@nce - ClamAV: denial of service via ScanOLE2
April 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use a malicious Microsoft Outlook .dbx document,
in order to stop ClamAV.
Severity: 1/4
Creation date: 28/03/2012
IMPACTED PRODUCTS
– Clam AntiVirus
DESCRIPTION OF THE VULNERABILITY
The libclamav/ole2_extract.c file of ClamAV decodes OLE data used
in Microsoft documents.
The cli_ole2_extract() function extracts data. However, the value
of the hdr.max_block_no field is computed to soon. The usage of
some OLE headers thus generates a Floating Point Exception.
An attacker can therefore use a malicious Microsoft Outlook .dbx
document, in order to stop ClamAV.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/ClamAV-denial-of-service-via-ScanOLE2-11494