ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)

Summary
The host is installed with ClamAV and is prone to Denial of Service Vulnerability.
Impact
Attackers can exploit this issue to execute arbitrary code in the context of affected application, and can cause denial of service. Impact Level: Application
Solution
Upgrade to ClamAV 0.94 or later http://www.clamav.net/download
Insight
A segmentation fault ocurs in the unpack feature when processing malicious LZH file.
Affected
ClamAV 0.93.3 and prior on Windows.
References