CVE-2004-0270
ClamAV 0.65 - Denial of Service via Invalid UUEncoded Email Line Length
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0270. PoCs published by Oliver Eikemeier.
AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in ClamAV by crafting a malformed UUEncoded message in an mbox file. The vulnerability triggers an assertion failure in the message parsing logic, causing the application to crash.
Description
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Exploits (1)
This exploit demonstrates a denial-of-service (DoS) vulnerability in ClamAV by crafting a malformed UUEncoded message in an mbox file. The vulnerability triggers an assertion failure in the message parsing logic, causing the application to crash.