Cisco published new issues of a free antivirus package < a href=”https://www.clamav.net”> clamav 1.4.2 and 1.0.8 , in which Vulnerability ( CVE -2025-20128 ). The vulnerability is caused by the overwhelming of the buffer in the file analysis code with the contents in the OLE2 format (Object Linking and Embedding 2), which the remote non -assigned attacker can use for refusal to service. The problem is manifested starting with the release of ClaMav 1.0.0 and is detected during the Fuzzing testing of the OSS-FUZZ project.
Vulnerability is caused by a holistic overflow when checking the boundaries leading to reading from the region outside the allocated buffer. The problem is manifested when processing files containing specially designed content in OLE2 format, and leads to an emergency completion of the scanning process. It is reported to identify an exploit prototype on the network, which can be used for attacks on postal servers or file exchange systems using ClaMav.