ClamAV Denial of Service Vulnerability (Win)

Summary
The host is installed with ClamAV and is prone to Denial of Service Vulnerability.
Impact
Attackers can exploit this issue by executing arbitrary code via a crafted URL in the context of affected application, and can cause denial of service. Impact Level: Application
Solution
Upgrade to ClamAV 0.95.1 http://www.clamav.net/download
Insight
- Error in CLI_ISCONTAINED macro in libclamav/others.h while processing malformed files packed with UPack. - Buffer overflow error in cli_url_canon() function in libclamav/phishcheck.c while handling specially crafted URLs.
Affected
ClamAV before 0.95.1 on Windows.
References