The ClamAV anti-virus scanner contains a vulnerability that may allow an attacker to execute code or cause ClamAV to crash.
The Portable Executable (PE) file format is a file format for executable files that is used in Microsoft Windows. PE files can be packed with executable packers, such as upack. The ClamAV anti-virus scanner can unpack and scan PE files that are packed with upack.
From ClamAV bug ID 878:
A remote, unauthenticated attacker may be able to execute arbitrary code or cause ClamAV to crash.
Thanks to Secunia Research and the ClamAV team for information that was used in this report.