Candidate: CVE-2010-1640
PublicDateAtUSN: 2010-05-27
PublicDate: 2010-05-26 18:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1640
Description:
 Off-by-one error in the parseicon function in libclamav/pe_icons.c in
 ClamAV 0.96 allows remote attackers to cause a denial of service (crash)
 via a crafted PE icon that triggers an out-of-bounds read, related to
 improper rounding during scaling.
Ubuntu-Description:
Notes:
 jdstrand> patched as CVE-2010-2077 in USN-945-1
 jdstrand> does not affect 0.95.3 and lower
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_clamav:
upstream_clamav: released (0.96.1)
dapper_clamav: not-affected (code-not-present)
hardy_clamav: not-affected (code-not-present)
jaunty_clamav: not-affected (code-not-present)
karmic_clamav: not-affected (code-not-present)
lucid_clamav: released (0.96.1+dfsg-0ubuntu0.10.04.1)
devel_clamav: released (0.96.1+dfsg-0ubuntu2)