CVE-2006-6406

EPSS 2.4%

clamav

Published: 12/10/2006Modified: 4/28/2026

Description

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

Affected packages (2)

Debian/clamavfrom 0, < 0.88.7-1
Debian/clamavfrom 0, < 0.84-2.sarge.13

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-6406