Critical security flaw found in Clam Antivirus

A "critical" security flaw has been found in Clam Antivirus (ClamAV) software that attackers or viruses could exploit to take control over computers running the software.

The vulnerability has to do with the way ClamAV looks at executable programs modified by a popular free file compression utility called UPX (short for the "ultimate packer for executables"). Most bots, worms and viruses going around in e-mail these days are packed with UPX or some other type of compressor to dramatically decrease their size and often to obfuscate the contents of the file and evade detection by antivirus software. Security Fix - Brian Krebs on Computer and Internet Security - (

Linked by shanmuga Wednesday, 11th January 2006 4:00AM