CVE-2011-3627 Information

Description

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to \recursion level\ and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.

Reference

http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=3d664817f6ef833a17414a4ecea42004c35cc42f http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html http://secunia.com/advisories/46717 http://secunia.com/advisories/46826 http://www.openwall.com/lists/oss-security/2011/10/18/1 http://www.securityfocus.com/bid/50183 http://www.ubuntu.com/usn/USN-1258-1 https://bugzilla.redhat.com/show_bug.cgi?id=746984