CVE-2015-1462
Description
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ClamAV before 0.98.6 contains a heap out-of-bounds condition in UPX packer parsing, allowing remote attackers to cause an unspecified impact via a crafted file.
Vulnerability
A heap out-of-bounds condition exists in ClamAV's handling of crafted UPX packer files. This vulnerability affects versions prior to 0.98.6. The issue was discovered by Kevin Szkudlapski of Quarkslab and is triggered when scanning a maliciously crafted file packed with UPX, leading to an out-of-bounds heap read/write [1][2].
Exploitation
An attacker can exploit this vulnerability by crafting a specific UPX-packed file that, when scanned by a vulnerable ClamAV version, triggers the heap out-of-bounds condition. No authentication is required; the attacker only needs to deliver the malicious file to a system running ClamAV (e.g., via email attachment or network transfer) [2].
Impact
Successful exploitation allows the remote attacker to cause an unspecified impact, as the heap out-of-bounds condition may lead to memory corruption, potential denial of service, or possibly arbitrary code execution. The exact impact is not detailed further in available references [1][2].
Mitigation
The vulnerability is fixed in ClamAV 0.98.6, which was released on January 6, 2015. Users should upgrade to this version or later. The fixed version includes a patch that corrects the heap out-of-bounds condition for crafted UPX packer files [2]. No workarounds are documented; upgrading is the recommended action.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
8cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- osv-coords4 versionspkg:rpm/opensuse/clamav&distro=openSUSE%20Tumbleweedpkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 0.99.2-4.1+ 3 more
- (no CPE)range: < 0.99.2-4.1
- (no CPE)range: < 0.98.6-10.1
- (no CPE)range: < 0.98.6-10.1
- (no CPE)range: < 0.98.6-10.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- blog.clamav.net/2015/01/clamav-0986-has-been-released.htmlnvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.htmlnvd
- secunia.com/advisories/62536nvd
- securitytracker.com/id/1031672nvd
- security.gentoo.org/glsa/201512-08nvd
News mentions
0No linked articles in our index yet.