Clam AntiVirus (ClamAV) Software is vulnera ble to denial of service. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device, causing the ClamAV scanning process crash, resulting in a denial of service condition.