PublicDateAtUSN: 2013-05-01
Candidate: CVE-2013-2020
PublicDate: 2013-05-13 23:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020
 http://www.openwall.com/lists/oss-security/2013/04/29/20
 https://ubuntu.com/security/notices/USN-1816-1
Description:
 Integer underflow in the cli_scanpe function in pe.c in ClamAV before
 0.97.8 allows remote attackers to cause a denial of service (crash) via a
 skewed offset larger than the size of the PE section in a UPX packed
 executable, which triggers an out-of-bounds read.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_clamav:
upstream_clamav: released (0.97.8)
hardy_clamav: released (0.97.8+dfsg-1ubuntu1.08.04.1)
lucid_clamav: released (0.97.8+dfsg-1ubuntu1.10.04.1)
oneiric_clamav: released (0.97.8+dfsg-1ubuntu1.11.10.1)
precise_clamav: released (0.97.8+dfsg-1ubuntu1.12.04.1)
quantal_clamav: released (0.97.8+dfsg-1ubuntu1.12.10.1)
raring_clamav: released (0.97.8+dfsg-1ubuntu1.13.04.1)
devel_clamav: released (0.97.8+dfsg-1ubuntu1.13.04.1)