CVE-2006-4018

Name: CVE-2006-4018
Creator: NVD / NIST
Published: 2006-08-08T20:04:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 18.00%

Last modified Jun 16, 2026

CVE-2006-4018 is a vulnerability of currently unknown severity. Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.. EPSS estimates a 18.00% chance of exploitation in the next 30 days.

Description

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.

Metrics

EPSS Probability

18.00%

96.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Clamav	Clamav	0.81
Clamav	Clamav	0.82
Clamav	Clamav	0.83
Clamav	Clamav	0.84
Clamav	Clamav	0.85
Clamav	Clamav	0.85.1
Clamav	Clamav	0.86
Clamav	Clamav	0.86.1
Clamav	Clamav	0.86.2
Clamav	Clamav	0.87
Clamav	Clamav	0.87.1
Clamav	Clamav	0.88
Clamav	Clamav	0.88.1
Clamav	Clamav	0.88.2
Clamav	Clamav	0.88.3

References

http://kolab.org/security/kolab-vendor-notice-10.txt
http://secunia.com/advisories/21368Vendor Advisory
http://secunia.com/advisories/21374Vendor Advisory
http://secunia.com/advisories/21433Vendor Advisory
http://secunia.com/advisories/21443Vendor Advisory
http://secunia.com/advisories/21457Vendor Advisory
http://secunia.com/advisories/21497Vendor Advisory
http://secunia.com/advisories/21562Vendor Advisory
http://security.gentoo.org/glsa/glsa-200608-13.xml
http://securitytracker.com/id?1016645
http://www.clamav.net/security/0.88.4.htmlExploit, Patch, Vendor Advisory
http://www.debian.org/security/2006/dsa-1153
http://www.mandriva.com/security/advisories?name=MDKSA-2006:138
http://www.novell.com/linux/security/advisories/2006_46_clamav.html
http://www.overflow.pl/adv/clamav_upx_heap.txtExploit, Patch, Vendor Advisory
http://www.securityfocus.com/archive/1/442681/100/0/threaded
http://www.securityfocus.com/bid/19381
http://www.trustix.org/errata/2006/0046/
http://www.vupen.com/english/advisories/2006/3175Vendor Advisory
http://www.vupen.com/english/advisories/2006/3275Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28286
http://kolab.org/security/kolab-vendor-notice-10.txt
http://secunia.com/advisories/21368Vendor Advisory
http://secunia.com/advisories/21374Vendor Advisory
http://secunia.com/advisories/21433Vendor Advisory
http://secunia.com/advisories/21443Vendor Advisory
http://secunia.com/advisories/21457Vendor Advisory
http://secunia.com/advisories/21497Vendor Advisory
http://secunia.com/advisories/21562Vendor Advisory
http://security.gentoo.org/glsa/glsa-200608-13.xml
http://securitytracker.com/id?1016645
http://www.clamav.net/security/0.88.4.htmlExploit, Patch, Vendor Advisory
http://www.debian.org/security/2006/dsa-1153
http://www.mandriva.com/security/advisories?name=MDKSA-2006:138
http://www.novell.com/linux/security/advisories/2006_46_clamav.html
http://www.overflow.pl/adv/clamav_upx_heap.txtExploit, Patch, Vendor Advisory
http://www.securityfocus.com/archive/1/442681/100/0/threaded
http://www.securityfocus.com/bid/19381
http://www.trustix.org/errata/2006/0046/
http://www.vupen.com/english/advisories/2006/3175Vendor Advisory
http://www.vupen.com/english/advisories/2006/3275Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28286

Timeline

Published: Aug 8, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-4018?

How severe is CVE-2006-4018?

Severity scoring for CVE-2006-4018 is pending analysis. The EPSS model estimates a 18.00% probability of exploitation in the next 30 days.

How do I fix CVE-2006-4018?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-4018?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST