VYPR
Unrated severityNVD Advisory· Published Aug 8, 2006· Updated Jun 16, 2026

CVE-2006-4018

CVE-2006-4018

Description

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20
  • ClamAV/Clamav20 versions
    cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*
    • cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*
    • (no CPE)range: >=0.81, <=0.88.3

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.