Some vulnerabilities have been reported in ClamAV, which
potentially can be exploited by malicious people to cause a
DoS (Denial of Service) and compromise a vulnerable system.
An unspecified integer overflow error exists in the PE header
parser in "libclamav/pe.c". Successful exploitation requires that
the ArchiveMaxFileSize option is disabled.
Some format string errors in the logging handling in
"shared/output.c" may be exploited to execute arbitrary code.
An out-of-bounds memory access error in the "cli_bitset_test()"
function in "ibclamav/others.c" may be exploited to cause a
crash.