CVE-2013-2020

CVSS 5.0 - MEDIUM
Description

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.

Affected Products
50 of 60
Vendor Product Version
canonical ubuntu_linux 10.04
canonical ubuntu_linux 11.10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.04
suse linux_enterprise_server 11.0
suse linux_enterprise_server 11.0
clamav clamav All versions
clamav clamav 0.9
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90.1
clamav clamav 0.90.1_p0
clamav clamav 0.90.2
clamav clamav 0.90.2_p0
clamav clamav 0.90.3
clamav clamav 0.90.3_p0
clamav clamav 0.90.3_p1
clamav clamav 0.91
clamav clamav 0.91
clamav clamav 0.91
clamav clamav 0.91.1
clamav clamav 0.91.2
clamav clamav 0.91.2_p0
clamav clamav 0.92
clamav clamav 0.92.1
clamav clamav 0.92_p0
clamav clamav 0.93
clamav clamav 0.93.1
clamav clamav 0.93.2
clamav clamav 0.93.3
clamav clamav 0.94
clamav clamav 0.94.1
clamav clamav 0.94.2
clamav clamav 0.95
clamav clamav 0.95
clamav clamav 0.95
clamav clamav 0.95
clamav clamav 0.95
clamav clamav 0.95.1
clamav clamav 0.95.2
clamav clamav 0.95.3
clamav clamav 0.96
clamav clamav 0.96
clamav clamav 0.96
clamav clamav 0.96.1
clamav clamav 0.96.2
Showing first 50 of 60 affected products.
References
http://blog.clamav.net/2013/04/clamav-0978-has-bee...
http://lists.apple.com/archives/security-announce/...
http://lists.apple.com/archives/security-announce/...
http://lists.fedoraproject.org/pipermail/package-a...
http://lists.fedoraproject.org/pipermail/package-a...
http://lists.fedoraproject.org/pipermail/package-a...
http://lists.fedoraproject.org/pipermail/package-a...
http://lists.opensuse.org/opensuse-security-announ...
http://lists.opensuse.org/opensuse-updates/2013-06...
http://lists.opensuse.org/opensuse-updates/2013-06...
http://secunia.com/advisories/53150
http://secunia.com/advisories/53182
http://support.apple.com/kb/HT5880
http://support.apple.com/kb/HT5892
http://www.mandriva.com/security/advisories?name=M...
http://www.openwall.com/lists/oss-security/2013/04...
http://www.openwall.com/lists/oss-security/2013/04...
http://www.securityfocus.com/bid/59434
http://www.ubuntu.com/usn/USN-1816-1
https://bugzilla.clamav.net/show_bug.cgi?id=7055
Weakness Types
CWE-189
CVE Information
CVE ID:
CVE-2013-2020
Published:
2013-05-13
Modified:
2026-04-29
CVSS Score:
5.0
Severity:
MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
Affected Vendors
canonical clamav suse
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL