AVG antivirus for Linux
AVG antivirus can be deterministically forced to crash
(segmentation fault) when analyzing corrupted UPX files.
AVG for Linux version 7.5.51 (current), possibly others.
Remote DoS, possibly remote code execution.
This vulnerability was discovered by Security Researcher
Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd.
First attempt to contact the vendor on September 18th 2008.
Received an automated reply on September 18th 2008.
No actual reponse from vendor in spite of our multiple emails.