All the vulnerabilites related to ClamAV - ClamAV
cve-2015-2222
Vulnerability from cvelistv5
Published
2015-05-12 19:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ubuntu.com/usn/usn-2594-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/74443 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2594-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2222",
"datePublished": "2015-05-12T19:00:00",
"dateReserved": "2015-03-05T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6497
Vulnerability from cvelistv5
Published
2014-12-01 15:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "[oss-security] 20141118 Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/2"
},
{
"name": "FEDORA-2014-15473",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "[oss-security] 20141118 Re: Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "71178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71178"
},
{
"name": "MDVSA-2014:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:217"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "60150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60150"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11088"
},
{
"name": "USN-2488-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138101"
},
{
"name": "clamv-cve20136497os(98804)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98804"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "[oss-security] 20141118 Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/2"
},
{
"name": "FEDORA-2014-15473",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "[oss-security] 20141118 Re: Fwd: [Clamav-devel] ClamAV(R) blog: ClamAV 0.98.5 has been released!",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "71178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71178"
},
{
"name": "MDVSA-2014:217",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:217"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "60150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60150"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11088"
},
{
"name": "USN-2488-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138101"
},
{
"name": "clamv-cve20136497os(98804)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98804"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6497",
"datePublished": "2014-12-01T15:00:00",
"dateReserved": "2013-11-04T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6845
Vulnerability from cvelistv5
Published
2009-07-02 10:00
Modified
2024-08-07 11:42
Severity ?
EPSS score ?
Summary
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/499078/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/32752 | vdb-entry, x_refsource_BID | |
| http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html | x_refsource_MISC | |
| http://osvdb.org/51963 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:42:00.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20081210 [IVIZ-08-011] ClamAV lzh unpacking segmentation fault",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499078/100/0/threaded"
},
{
"name": "32752",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32752"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html"
},
{
"name": "51963",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51963"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20081210 [IVIZ-08-011] ClamAV lzh unpacking segmentation fault",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499078/100/0/threaded"
},
{
"name": "32752",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32752"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html"
},
{
"name": "51963",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51963"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20081210 [IVIZ-08-011] ClamAV lzh unpacking segmentation fault",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499078/100/0/threaded"
},
{
"name": "32752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32752"
},
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html"
},
{
"name": "51963",
"refsource": "OSVDB",
"url": "http://osvdb.org/51963"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6845",
"datePublished": "2009-07-02T10:00:00",
"dateReserved": "2009-07-02T00:00:00",
"dateUpdated": "2024-08-07T11:42:00.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1443
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80472 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52612 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80467 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80461 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80470 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80460 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80468 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80456 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80457 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80458 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80454 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80455 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80459 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80469 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80471 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80471"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80472",
"refsource": "OSVDB",
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"refsource": "OSVDB",
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"refsource": "OSVDB",
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"refsource": "OSVDB",
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"refsource": "OSVDB",
"url": "http://osvdb.org/80460"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"refsource": "OSVDB",
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"refsource": "OSVDB",
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"refsource": "OSVDB",
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"refsource": "OSVDB",
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"refsource": "OSVDB",
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"refsource": "OSVDB",
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"refsource": "OSVDB",
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"refsource": "OSVDB",
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"refsource": "OSVDB",
"url": "http://osvdb.org/80471"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1443",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3123
Vulnerability from cvelistv5
Published
2020-02-05 17:30
Modified
2024-11-15 17:43
Severity ?
EPSS score ?
Summary
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062 | vendor-advisory, x_refsource_CISCO | |
| https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/4280-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/4280-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/202003-46 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"
},
{
"name": "USN-4280-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4280-1/"
},
{
"name": "USN-4280-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4280-2/"
},
{
"name": "GLSA-202003-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-46"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:22:29.569316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:43:05.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.102.1"
}
]
}
],
"datePublic": "2020-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T22:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"
},
{
"name": "USN-4280-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4280-1/"
},
{
"name": "USN-4280-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4280-2/"
},
{
"name": "GLSA-202003-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-46"
}
],
"source": {
"advisory": "CSCvs59062",
"defect": [
"CSCvs59062"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-02-05T16:10:00.000Z",
"ID": "CVE-2020-3123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.102.1"
},
{
"version_affected": "=",
"version_value": "0.102.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062",
"refsource": "CISCO",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"
},
{
"name": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html",
"refsource": "CONFIRM",
"url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"
},
{
"name": "USN-4280-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4280-1/"
},
{
"name": "USN-4280-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4280-2/"
},
{
"name": "GLSA-202003-46",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-46"
}
]
},
"source": {
"advisory": "CSCvs59062",
"defect": [
"CSCvs59062"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3123",
"datePublished": "2020-02-05T17:30:20.755023Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:43:05.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0897
Vulnerability from cvelistv5
Published
2007-02-16 19:00
Modified
2024-08-07 12:34
Severity ?
EPSS score ?
Summary
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22580",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22580"
},
{
"name": "clamav-cabfile-dos(32531)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531"
},
{
"name": "24187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24187"
},
{
"name": "24192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24192"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "32283",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32283"
},
{
"name": "DSA-1263",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1263"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "24332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24332"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "24425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24425"
},
{
"name": "SUSE-SA:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html"
},
{
"name": "GLSA-200703-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-03.xml"
},
{
"name": "MDKSA-2007:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043"
},
{
"name": "24319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24319"
},
{
"name": "20070215 Multiple Vendor ClamAV CAB File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "24183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24183"
},
{
"name": "1017659",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017659"
},
{
"name": "ADV-2007-0623",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22580",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22580"
},
{
"name": "clamav-cabfile-dos(32531)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531"
},
{
"name": "24187",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24187"
},
{
"name": "24192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24192"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "32283",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32283"
},
{
"name": "DSA-1263",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1263"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "24332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24332"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "24425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24425"
},
{
"name": "SUSE-SA:2007:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html"
},
{
"name": "GLSA-200703-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-03.xml"
},
{
"name": "MDKSA-2007:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043"
},
{
"name": "24319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24319"
},
{
"name": "20070215 Multiple Vendor ClamAV CAB File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "24183",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24183"
},
{
"name": "1017659",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017659"
},
{
"name": "ADV-2007-0623",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22580"
},
{
"name": "clamav-cabfile-dos(32531)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531"
},
{
"name": "24187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24187"
},
{
"name": "24192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24192"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "32283",
"refsource": "OSVDB",
"url": "http://osvdb.org/32283"
},
{
"name": "DSA-1263",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1263"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "24332",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24332"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "24425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24425"
},
{
"name": "SUSE-SA:2007:017",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html"
},
{
"name": "GLSA-200703-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-03.xml"
},
{
"name": "MDKSA-2007:043",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043"
},
{
"name": "24319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24319"
},
{
"name": "20070215 Multiple Vendor ClamAV CAB File Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "24183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24183"
},
{
"name": "1017659",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017659"
},
{
"name": "ADV-2007-0623",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0897",
"datePublished": "2007-02-16T19:00:00",
"dateReserved": "2007-02-13T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1798
Vulnerability from cvelistv5
Published
2019-04-08 19:30
Modified
2024-11-19 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.clamav.net/show_bug.cgi?id=12262 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:52.988363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:12:05.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThanOrEqual": "0.101.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"source": {
"defect": [
"12262"
],
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus PE File Out-of-Bounds Read Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1798",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus PE File Out-of-Bounds Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "0.101.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=12262",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
},
"source": {
"defect": [
"12262"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1798",
"datePublished": "2019-04-08T19:30:17",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:12:05.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20803
Vulnerability from cvelistv5
Published
2023-02-17 00:00
Modified
2024-10-28 16:34
Severity ?
EPSS score ?
Summary
A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html | vendor-advisory | |
| https://security.gentoo.org/glsa/202310-01 | vendor-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:24:43.851210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:34:09.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.104.0"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:23.618804",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "clamav-01050-01043-01036",
"discovery": "UNKNOWN"
},
"title": "ClamAV Double-free Vulnerability in the OLE2 File Parser",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20803",
"datePublished": "2023-02-17T00:00:00",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-10-28T16:34:09.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0098
Vulnerability from cvelistv5
Published
2010-04-08 17:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826"
},
{
"name": "[oss-security] 20100407 Re: ClamAV small issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/04/08/3"
},
{
"name": "ADV-2010-1206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "[oss-security] 20100406 ClamAV small issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/04/06/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-28T09:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826"
},
{
"name": "[oss-security] 20100407 Re: ClamAV small issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/04/08/3"
},
{
"name": "ADV-2010-1206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "[oss-security] 20100406 ClamAV small issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/04/06/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2010-0098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826"
},
{
"name": "[oss-security] 20100407 Re: ClamAV small issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/04/08/3"
},
{
"name": "ADV-2010-1206",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "[oss-security] 20100406 ClamAV small issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/04/06/4"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2010-0098",
"datePublished": "2010-04-08T17:00:00",
"dateReserved": "2009-12-30T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1640
Vulnerability from cvelistv5
Published
2010-05-26 18:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:41.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
},
{
"name": "[oss-security] 20100521 CVE Request: off by one DoS in pe_icons.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
},
{
"name": "clamav-parseicon-dos(58825)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
},
{
"name": "40318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40318"
},
{
"name": "ADV-2010-1214",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"name": "MDVSA-2010:110",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
},
{
"name": "39895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
},
{
"name": "[oss-security] 20100521 CVE Request: off by one DoS in pe_icons.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
},
{
"name": "clamav-parseicon-dos(58825)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
},
{
"name": "40318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40318"
},
{
"name": "ADV-2010-1214",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"name": "MDVSA-2010:110",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
},
{
"name": "39895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-1640",
"datePublished": "2010-05-26T18:00:00",
"dateReserved": "2010-04-29T00:00:00",
"dateUpdated": "2024-08-07T01:28:41.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12380
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:25
Severity ?
EPSS score ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11945 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:56.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11945"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:11:35.764206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:25:19.745Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NULL pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11945",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12380",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:25:19.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9328
Vulnerability from cvelistv5
Published
2015-02-03 16:00
Modified
2024-08-06 13:40
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:25.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "72372",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72372"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "USN-2488-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62536"
},
{
"name": "62757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62757"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "72372",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72372"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "USN-2488-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62536"
},
{
"name": "62757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62757"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "72372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72372"
},
{
"name": "openSUSE-SU-2015:0285",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"name": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "USN-2488-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"name": "openSUSE-SU-2015:0906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"name": "62536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62536"
},
{
"name": "62757",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62757"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9328",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2014-12-07T00:00:00",
"dateUpdated": "2024-08-06T13:40:25.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4260
Vulnerability from cvelistv5
Published
2010-12-07 01:00
Modified
2024-08-07 03:34
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "42523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42523"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) \"bb #2358\" and (2) \"bb #2396.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "42523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42523"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4260",
"datePublished": "2010-12-07T01:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12375
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:26
Severity ?
EPSS score ?
Summary
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11940 | x_refsource_CONFIRM | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:56.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11940"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:11:38.141762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:26:40.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11940"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11940",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11940"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12375",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:26:40.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0202
Vulnerability from cvelistv5
Published
2018-03-27 09:00
Modified
2024-12-02 20:55
Severity ?
EPSS score ?
Summary
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3592-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11973 | x_refsource_CONFIRM | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11980 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3592-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3592-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11980"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0202",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:54:26.040439Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T20:55:52.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3592-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11980"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_value": "ClamAV"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3592-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11973",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11973"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11980",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11980"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0202",
"datePublished": "2018-03-27T09:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-12-02T20:55:52.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1463
Vulnerability from cvelistv5
Published
2015-02-03 16:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html | vendor-advisory, x_refsource_FEDORA | |
| http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:47:16.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an \"incorrect compiler optimization.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an \"incorrect compiler optimization.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "FEDORA-2015-1437",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"name": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1463",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-02-03T00:00:00",
"dateUpdated": "2024-08-06T04:47:16.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1405
Vulnerability from cvelistv5
Published
2016-06-08 14:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/90968 | vdb-entry, x_refsource_BID | |
| https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog | x_refsource_MISC | |
| http://www.ubuntu.com/usn/USN-3093-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securitytracker.com/id/1035993 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1035994 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90968",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90968"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "1035993",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035993"
},
{
"name": "20160531 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
},
{
"name": "1035994",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "90968",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90968"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "1035993",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035993"
},
{
"name": "20160531 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
},
{
"name": "1035994",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90968",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90968"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog",
"refsource": "MISC",
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
},
{
"name": "USN-3093-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "1035993",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035993"
},
{
"name": "20160531 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
},
{
"name": "1035994",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1405",
"datePublished": "2016-06-08T14:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20032
Vulnerability from cvelistv5
Published
2023-02-16 15:24
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.
This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.
For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
References
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Secure Web Appliance |
Version: 11.7.0-406 Version: 11.7.0-418 Version: 11.7.1-049 Version: 11.7.1-006 Version: 11.7.1-020 Version: 11.7.2-011 Version: 11.8.0-414 Version: 11.8.1-023 Version: 11.8.3-018 Version: 11.8.3-021 Version: 12.0.1-268 Version: 12.0.3-007 Version: 12.5.2-007 Version: 12.5.1-011 Version: 12.5.4-005 Version: 12.5.5-004 Version: 14.5.0-498 Version: 14.0.3-014 Version: 14.0.2-012 |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-clamav-q8DThCy",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.7.0-406"
},
{
"status": "affected",
"version": "11.7.0-418"
},
{
"status": "affected",
"version": "11.7.1-049"
},
{
"status": "affected",
"version": "11.7.1-006"
},
{
"status": "affected",
"version": "11.7.1-020"
},
{
"status": "affected",
"version": "11.7.2-011"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "14.0.2-012"
}
]
},
{
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "7.3.5"
}
]
},
{
"product": "Cisco Secure Endpoint Private Cloud Administration Portal",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a proof-of-concept is available that demonstrates that this vulnerability can be used to cause a buffer overflow and subsequent process termination.\r\n\r\nAdditional technical information is also available that describes this vulnerability in detail.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:34.558Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-q8DThCy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
}
],
"source": {
"advisory": "cisco-sa-clamav-q8DThCy",
"defects": [
"CSCwd74135",
"CSCwd74134",
"CSCwd74133",
"CSCwe18204",
"CSCwd74132"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20032",
"datePublished": "2023-02-16T15:24:05.173Z",
"dateReserved": "2022-10-27T18:47:50.315Z",
"dateUpdated": "2024-08-02T08:57:35.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20796
Vulnerability from cvelistv5
Published
2022-05-04 17:06
Modified
2024-11-06 16:15
Severity ?
EPSS score ?
Summary
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco AMP for Endpoints |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220504 ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:58:27.623116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:15:40.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AMP for Endpoints",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-822",
"description": "CWE-822",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:30.297206",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220504 ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "cisco-sa-clamav-dos-vL9x58p4",
"defect": [
[
"CSCwa85589",
"CSCwb13945",
"CSCwb13949"
]
],
"discovery": "INTERNAL"
},
"title": "ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20796",
"datePublished": "2022-05-04T17:06:09.040345Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:15:40.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3913
Vulnerability from cvelistv5
Published
2008-09-09 14:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "clamav-manager-dos(45057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to \"error handling logic\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "clamav-manager-dos(45057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to \"error handling logic\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141",
"refsource": "MISC",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "clamav-manager-dos(45057)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-22.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT3216",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"name": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3913",
"datePublished": "2008-09-09T14:00:00",
"dateReserved": "2008-09-04T00:00:00",
"dateUpdated": "2024-08-07T10:00:41.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1462
Vulnerability from cvelistv5
Published
2015-02-03 16:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html | vendor-advisory, x_refsource_SUSE | |
| http://securitytracker.com/id/1031672 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html | vendor-advisory, x_refsource_FEDORA | |
| http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/62536 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:47:16.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62536"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a \"heap out of bounds condition.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62536"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a \"heap out of bounds condition.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"name": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62536"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1462",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-02-03T00:00:00",
"dateUpdated": "2024-08-06T04:47:16.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6680
Vulnerability from cvelistv5
Published
2009-04-08 16:00
Modified
2024-08-07 11:41
Severity ?
EPSS score ?
Summary
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/34357 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/34716 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.vupen.com/english/advisories/2009/0934 | vdb-entry, x_refsource_VUPEN | |
| http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html | vendor-advisory, x_refsource_APPLE | |
| http://www.debian.org/security/2009/dsa-1771 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.openwall.com/lists/oss-security/2009/04/07/6 | mailing-list, x_refsource_MLIST | |
| http://support.apple.com/kb/HT3865 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/36701 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/usn-754-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49845 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:41:59.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335"
},
{
"name": "34357",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34716"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"name": "clamav-exe-dos(49845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335"
},
{
"name": "34357",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34716"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"name": "clamav-exe-dos(49845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335"
},
{
"name": "34357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34357"
},
{
"name": "34716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34716"
},
{
"name": "MDVSA-2009:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"name": "clamav-exe-dos(49845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6680",
"datePublished": "2009-04-08T16:00:00",
"dateReserved": "2009-04-08T00:00:00",
"dateUpdated": "2024-08-07T11:41:59.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4261
Vulnerability from cvelistv5
Published
2010-12-07 01:00
Modified
2024-08-07 03:34
Severity ?
EPSS score ?
Summary
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xorl.wordpress.com/2010/12/05/cve-2010-4261-clamav-icon_cb-off-by-one/"
},
{
"name": "42523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42523"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2344"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42426"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xorl.wordpress.com/2010/12/05/cve-2010-4261-clamav-icon_cb-off-by-one/"
},
{
"name": "42523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42523"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2344"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42426"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4261",
"datePublished": "2010-12-07T01:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3627
Vulnerability from cvelistv5
Published
2011-11-17 19:00
Modified
2024-08-06 23:37
Severity ?
EPSS score ?
Summary
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=746984 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/50183 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/46717 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/46826 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.ubuntu.com/usn/USN-1258-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2011/10/18/1 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2011-15033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746984"
},
{
"name": "50183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50183"
},
{
"name": "46717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46717"
},
{
"name": "46826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46826"
},
{
"name": "FEDORA-2011-15076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"name": "FEDORA-2011-15119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"name": "USN-1258-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1258-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f"
},
{
"name": "[oss-security] 20111018 CVE request: recursion level crash in clamav before 0.97.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/10/18/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to \"recursion level\" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-11-17T19:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2011-15033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746984"
},
{
"name": "50183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50183"
},
{
"name": "46717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46717"
},
{
"name": "46826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46826"
},
{
"name": "FEDORA-2011-15076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"name": "FEDORA-2011-15119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"name": "USN-1258-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1258-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f"
},
{
"name": "[oss-security] 20111018 CVE request: recursion level crash in clamav before 0.97.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/10/18/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3627",
"datePublished": "2011-11-17T19:00:00Z",
"dateReserved": "2011-09-21T00:00:00Z",
"dateUpdated": "2024-08-06T23:37:48.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1461
Vulnerability from cvelistv5
Published
2015-02-03 16:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html | vendor-advisory, x_refsource_SUSE | |
| http://securitytracker.com/id/1031672 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html | vendor-advisory, x_refsource_FEDORA | |
| http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/62536 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62536"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda\u0027s crypter or (2) mew packer file, related to a \"heap out of bounds condition.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62536"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda\u0027s crypter or (2) mew packer file, related to a \"heap out of bounds condition.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "openSUSE-SU-2015:0285",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"name": "1031672",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id/1031672"
},
{
"name": "FEDORA-2015-1437",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"name": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"name": "SUSE-SU-2015:0298",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"name": "FEDORA-2015-1461",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"name": "62536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62536"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1461",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-02-03T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1311
Vulnerability from cvelistv5
Published
2010-04-08 17:00
Modified
2024-08-07 01:21
Severity ?
EPSS score ?
Summary
The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771"
},
{
"name": "ADV-2010-1206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771"
},
{
"name": "ADV-2010-1206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771"
},
{
"name": "ADV-2010-1206",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"name": "39656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39656"
},
{
"name": "MDVSA-2010:082",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"name": "USN-926-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"name": "ADV-2010-0827",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "SUSE-SR:2010:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96"
},
{
"name": "ADV-2010-0909",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"name": "39293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39293"
},
{
"name": "ADV-2010-0832",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"name": "39329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39329"
},
{
"name": "39262",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39262"
},
{
"name": "ADV-2010-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1311",
"datePublished": "2010-04-08T17:00:00",
"dateReserved": "2010-04-08T00:00:00",
"dateUpdated": "2024-08-07T01:21:18.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-1615
Vulnerability from cvelistv5
Published
2006-04-06 22:00
Modified
2024-08-07 17:19
Severity ?
EPSS score ?
Summary
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19567"
},
{
"name": "17951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17951"
},
{
"name": "ADV-2006-1258",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1258"
},
{
"name": "ADV-2006-1779",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1779"
},
{
"name": "TA06-132A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638"
},
{
"name": "24458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24458"
},
{
"name": "19570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19570"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"
},
{
"name": "GLSA-200604-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"
},
{
"name": "19608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19608"
},
{
"name": "19534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19534"
},
{
"name": "19564",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19564"
},
{
"name": "19536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19536"
},
{
"name": "APPLE-SA-2006-05-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"name": "SUSE-SA:2006:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"
},
{
"name": "MDKSA-2006:067",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"
},
{
"name": "17388",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17388"
},
{
"name": "DSA-1024",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1024"
},
{
"name": "23719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23719"
},
{
"name": "20077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20077"
},
{
"name": "clamav-output-format-string(25661)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"
},
{
"name": "2006-0020",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0020"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19567"
},
{
"name": "17951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17951"
},
{
"name": "ADV-2006-1258",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1258"
},
{
"name": "ADV-2006-1779",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1779"
},
{
"name": "TA06-132A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638"
},
{
"name": "24458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24458"
},
{
"name": "19570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19570"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"
},
{
"name": "GLSA-200604-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"
},
{
"name": "19608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19608"
},
{
"name": "19534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19534"
},
{
"name": "19564",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19564"
},
{
"name": "19536",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19536"
},
{
"name": "APPLE-SA-2006-05-11",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"name": "SUSE-SA:2006:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"
},
{
"name": "MDKSA-2006:067",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"
},
{
"name": "17388",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17388"
},
{
"name": "DSA-1024",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1024"
},
{
"name": "23719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23719"
},
{
"name": "20077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20077"
},
{
"name": "clamav-output-format-string(25661)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"
},
{
"name": "2006-0020",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0020"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19567",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19567"
},
{
"name": "17951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17951"
},
{
"name": "ADV-2006-1258",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1258"
},
{
"name": "ADV-2006-1779",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1779"
},
{
"name": "TA06-132A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638"
},
{
"name": "24458",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24458"
},
{
"name": "19570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19570"
},
{
"name": "http://up2date.astaro.com/2006/05/low_up2date_6202.html",
"refsource": "CONFIRM",
"url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"
},
{
"name": "GLSA-200604-06",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"
},
{
"name": "19608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19608"
},
{
"name": "19534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19534"
},
{
"name": "19564",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19564"
},
{
"name": "19536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19536"
},
{
"name": "APPLE-SA-2006-05-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"name": "SUSE-SA:2006:020",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"
},
{
"name": "MDKSA-2006:067",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"
},
{
"name": "17388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17388"
},
{
"name": "DSA-1024",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1024"
},
{
"name": "23719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23719"
},
{
"name": "20077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20077"
},
{
"name": "clamav-output-format-string(25661)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"
},
{
"name": "2006-0020",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0020"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1615",
"datePublished": "2006-04-06T22:00:00",
"dateReserved": "2006-04-05T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20698
Vulnerability from cvelistv5
Published
2022-01-14 05:15
Modified
2024-11-06 16:32
Severity ?
EPSS score ?
Summary
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html | vendor-advisory | |
| https://security.gentoo.org/glsa/202310-01 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:48.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:57.833636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:32:32.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.103.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.104.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:17.357612",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "clamav-01035-and-01042-security-patch",
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus (ClamAV) Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20698",
"datePublished": "2022-01-14T05:15:11.361911Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:32:32.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3434
Vulnerability from cvelistv5
Published
2010-09-30 14:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:43.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
},
{
"name": "[oss-security] 20100927 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/27/6"
},
{
"name": "SUSE-SR:2010:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226"
},
{
"name": "ADV-2010-2455",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2455"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3434"
},
{
"name": "[oss-security] 20100922 CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/22/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=dc5143b4669ae39c79c9af50d569c28c798f33da"
},
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-07T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
},
{
"name": "[oss-security] 20100927 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/27/6"
},
{
"name": "SUSE-SR:2010:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226"
},
{
"name": "ADV-2010-2455",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2455"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3434"
},
{
"name": "[oss-security] 20100922 CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/22/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=dc5143b4669ae39c79c9af50d569c28c798f33da"
},
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/5"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3"
},
{
"name": "[oss-security] 20100927 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/27/6"
},
{
"name": "SUSE-SR:2010:020",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226"
},
{
"name": "ADV-2010-2455",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2455"
},
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "http://security-tracker.debian.org/tracker/CVE-2010-3434",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3434"
},
{
"name": "[oss-security] 20100922 CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/22/1"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=dc5143b4669ae39c79c9af50d569c28c798f33da",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=dc5143b4669ae39c79c9af50d569c28c798f33da"
},
{
"name": "[oss-security] 20100928 Re: CVE request: clamav \u003c 0.96.3 pdf bounds checking",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/3"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3434",
"datePublished": "2010-09-30T14:00:00",
"dateReserved": "2010-09-17T00:00:00",
"dateUpdated": "2024-08-07T03:11:43.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1000085
Vulnerability from cvelistv5
Published
2018-03-13 15:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3592-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2017/09/29/4 | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3592-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:33:49.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3592-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"name": "[oss-security] 20170929 clamav: Out of bounds read and segfault in xar parser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/29/4"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-02-18T00:00:00",
"datePublic": "2018-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3592-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"name": "[oss-security] 20170929 clamav: Out of bounds read and segfault in xar parser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/29/4"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2/18/2018 4:43:20",
"ID": "CVE-2018-1000085",
"REQUESTER": "hanno@hboeck.de",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3592-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"name": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6",
"refsource": "MISC",
"url": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"name": "[oss-security] 20170929 clamav: Out of bounds read and segfault in xar parser",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/09/29/4"
},
{
"name": "[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"name": "USN-3592-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000085",
"datePublished": "2018-03-13T15:00:00",
"dateReserved": "2018-02-21T00:00:00",
"dateUpdated": "2024-08-05T12:33:49.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20771
Vulnerability from cvelistv5
Published
2022-05-04 17:05
Modified
2024-11-06 16:16
Severity ?
EPSS score ?
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco AMP for Endpoints |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220504 ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:31.788166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:16:45.324Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AMP for Endpoints",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:20.369043",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220504 ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "cisco-sa-clamav-dos-ZAZBwRVG",
"defect": [
[
"CSCwb00437",
"CSCwb00438",
"CSCwb00439"
]
],
"discovery": "INTERNAL"
},
"title": "ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20771",
"datePublished": "2022-05-04T17:05:34.923275Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:16:45.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4018
Vulnerability from cvelistv5
Published
2006-08-08 20:00
Modified
2024-08-07 18:57
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:44.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3175",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3175"
},
{
"name": "20060809 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442681/100/0/threaded"
},
{
"name": "21562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21562"
},
{
"name": "SUSE-SA:2006:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_46_clamav.html"
},
{
"name": "21368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21368"
},
{
"name": "21433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21433"
},
{
"name": "GLSA-200608-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-13.xml"
},
{
"name": "21497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-10.txt"
},
{
"name": "DSA-1153",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1153"
},
{
"name": "21443",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21443"
},
{
"name": "MDKSA-2006:138",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:138"
},
{
"name": "19381",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19381"
},
{
"name": "1016645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016645"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.overflow.pl/adv/clamav_upx_heap.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.clamav.net/security/0.88.4.html"
},
{
"name": "clamav-pefromupx-bo(28286)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28286"
},
{
"name": "2006-0046",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0046/"
},
{
"name": "21457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21457"
},
{
"name": "21374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21374"
},
{
"name": "ADV-2006-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3275"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3175",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3175"
},
{
"name": "20060809 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442681/100/0/threaded"
},
{
"name": "21562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21562"
},
{
"name": "SUSE-SA:2006:046",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_46_clamav.html"
},
{
"name": "21368",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21368"
},
{
"name": "21433",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21433"
},
{
"name": "GLSA-200608-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200608-13.xml"
},
{
"name": "21497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-10.txt"
},
{
"name": "DSA-1153",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1153"
},
{
"name": "21443",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21443"
},
{
"name": "MDKSA-2006:138",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:138"
},
{
"name": "19381",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19381"
},
{
"name": "1016645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016645"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.overflow.pl/adv/clamav_upx_heap.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.clamav.net/security/0.88.4.html"
},
{
"name": "clamav-pefromupx-bo(28286)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28286"
},
{
"name": "2006-0046",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0046/"
},
{
"name": "21457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21457"
},
{
"name": "21374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21374"
},
{
"name": "ADV-2006-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3275"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3175",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3175"
},
{
"name": "20060809 [Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442681/100/0/threaded"
},
{
"name": "21562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21562"
},
{
"name": "SUSE-SA:2006:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_46_clamav.html"
},
{
"name": "21368",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21368"
},
{
"name": "21433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21433"
},
{
"name": "GLSA-200608-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200608-13.xml"
},
{
"name": "21497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21497"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-10.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-10.txt"
},
{
"name": "DSA-1153",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1153"
},
{
"name": "21443",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21443"
},
{
"name": "MDKSA-2006:138",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:138"
},
{
"name": "19381",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19381"
},
{
"name": "1016645",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016645"
},
{
"name": "http://www.overflow.pl/adv/clamav_upx_heap.txt",
"refsource": "MISC",
"url": "http://www.overflow.pl/adv/clamav_upx_heap.txt"
},
{
"name": "http://www.clamav.net/security/0.88.4.html",
"refsource": "CONFIRM",
"url": "http://www.clamav.net/security/0.88.4.html"
},
{
"name": "clamav-pefromupx-bo(28286)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28286"
},
{
"name": "2006-0046",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0046/"
},
{
"name": "21457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21457"
},
{
"name": "21374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21374"
},
{
"name": "ADV-2006-3275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3275"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4018",
"datePublished": "2006-08-08T20:00:00",
"dateReserved": "2006-08-08T00:00:00",
"dateUpdated": "2024-08-07T18:57:44.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2221
Vulnerability from cvelistv5
Published
2015-05-12 19:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ubuntu.com/usn/usn-2594-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/74443 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2594-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2221",
"datePublished": "2015-05-12T19:00:00",
"dateReserved": "2015-03-05T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7089
Vulnerability from cvelistv5
Published
2019-11-15 14:23
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
ClamAV before 0.97.7: dbg_printhex possible information leak
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201405-08.xml | x_refsource_MISC | |
| https://security-tracker.debian.org/tracker/CVE-2013-7089 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/12/13/1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:45.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7089"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7: dbg_printhex possible information leak"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T14:23:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7089"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.97.7: dbg_printhex possible information leak"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.gentoo.org/glsa/glsa-201405-08.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-7089",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7089"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/12/13/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7089",
"datePublished": "2019-11-15T14:23:32",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T17:53:45.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20505
Vulnerability from cvelistv5
Published
2024-09-04 21:23
Modified
2024-09-05 13:35
Severity ?
EPSS score ?
Summary
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | ClamAV |
Version: 1.4.0 Version: 1.3.2 Version: 1.0.6 Version: 1.0.5 Version: 1.0.4 Version: 1.0.3 Version: 1.0.2 Version: 1.0.1 Version: 1.0.0 Version: 1.2.x Version: 0.105.x Version: 0.104.x Version: 0.103.11 Version: 0.103.10 Version: 0.103.9 Version: 0.103.8 Version: 0.103.7 Version: 0.103.6 Version: 0.103.5 Version: 0.103.4 Version: 0.103.3 Version: 0.103.2 Version: 0.103.1 Version: 0.103.0 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:35:13.258736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:35:22.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.0.6"
},
{
"status": "affected",
"version": "1.0.5"
},
{
"status": "affected",
"version": "1.0.4"
},
{
"status": "affected",
"version": "1.0.3"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.1"
},
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "1.2.x"
},
{
"status": "affected",
"version": "0.105.x"
},
{
"status": "affected",
"version": "0.104.x"
},
{
"status": "affected",
"version": "0.103.11"
},
{
"status": "affected",
"version": "0.103.10"
},
{
"status": "affected",
"version": "0.103.9"
},
{
"status": "affected",
"version": "0.103.8"
},
{
"status": "affected",
"version": "0.103.7"
},
{
"status": "affected",
"version": "0.103.6"
},
{
"status": "affected",
"version": "0.103.5"
},
{
"status": "affected",
"version": "0.103.4"
},
{
"status": "affected",
"version": "0.103.3"
},
{
"status": "affected",
"version": "0.103.2"
},
{
"status": "affected",
"version": "0.103.1"
},
{
"status": "affected",
"version": "0.103.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T21:23:55.715Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
}
],
"source": {
"defects": [
"CSCwk44457"
],
"discovery": "INTERNAL"
},
"title": "ClamAV Memory Handling DoS"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20505",
"datePublished": "2024-09-04T21:23:55.715Z",
"dateReserved": "2023-11-08T15:08:07.688Z",
"dateUpdated": "2024-09-05T13:35:22.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20770
Vulnerability from cvelistv5
Published
2022-05-04 17:05
Modified
2024-11-06 16:16
Severity ?
EPSS score ?
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco AMP for Endpoints |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220504 ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:32.714443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:16:53.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AMP for Endpoints",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:22.000805",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220504 ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "cisco-sa-clamav-dos-prVGcHLd",
"defect": [
[
"CSCwa95108",
"CSCwa95109",
"CSCwa95110"
]
],
"discovery": "INTERNAL"
},
"title": "ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2022"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20770",
"datePublished": "2022-05-04T17:05:29.271076Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:16:53.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3912
Vulnerability from cvelistv5
Published
2008-09-09 14:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "clamav-libclamav-dos(45056)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45056"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "clamav-libclamav-dos(45056)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45056"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141",
"refsource": "MISC",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-22.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32424"
},
{
"name": "clamav-libclamav-dos(45056)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45056"
},
{
"name": "ADV-2008-2780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT3216",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"name": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3912",
"datePublished": "2008-09-09T14:00:00",
"dateReserved": "2008-09-04T00:00:00",
"dateUpdated": "2024-08-07T10:00:41.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0728
Vulnerability from cvelistv5
Published
2008-02-12 19:00
Modified
2024-08-07 07:54
Severity ?
EPSS score ?
Summary
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2008:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
},
{
"name": "29048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29048"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=575703"
},
{
"name": "29026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=209915"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2008-0503",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0503"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "SUSE-SR:2008:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name": "clamav-mewc-heap-corruption(40474)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40474"
},
{
"name": "ADV-2008-0606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0606"
},
{
"name": "28907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28907"
},
{
"name": "GLSA-200802-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "29001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-19.txt"
},
{
"name": "29060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger \"heap corruption.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2008:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
},
{
"name": "29048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29048"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=575703"
},
{
"name": "29026",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=209915"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2008-0503",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0503"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "SUSE-SR:2008:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name": "clamav-mewc-heap-corruption(40474)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40474"
},
{
"name": "ADV-2008-0606",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0606"
},
{
"name": "28907",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28907"
},
{
"name": "GLSA-200802-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200802-09.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "29001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-19.txt"
},
{
"name": "29060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0728",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger \"heap corruption.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2008:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
},
{
"name": "29048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29048"
},
{
"name": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=575703",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=575703"
},
{
"name": "29026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29026"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=209915",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=209915"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2008-0503",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0503"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "SUSE-SR:2008:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"name": "clamav-mewc-heap-corruption(40474)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40474"
},
{
"name": "ADV-2008-0606",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0606"
},
{
"name": "28907",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28907"
},
{
"name": "GLSA-200802-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-09.xml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "29001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29001"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-19.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-19.txt"
},
{
"name": "29060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0728",
"datePublished": "2008-02-12T19:00:00",
"dateReserved": "2008-02-12T00:00:00",
"dateUpdated": "2024-08-07T07:54:22.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0899
Vulnerability from cvelistv5
Published
2019-11-06 03:10
Modified
2024-08-07 12:34
Severity ?
EPSS score ?
Summary
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2007-0899 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-0899"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a possible heap overflow in libclamav/fsg.c before 0.100.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-06T03:10:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-0899"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible heap overflow in libclamav/fsg.c before 0.100.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2007-0899",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2007-0899"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0899",
"datePublished": "2019-11-06T03:10:38",
"dateReserved": "2007-02-13T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2721
Vulnerability from cvelistv5
Published
2011-08-05 21:00
Modified
2024-08-06 23:08
Severity ?
EPSS score ?
Summary
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45382"
},
{
"name": "FEDORA-2011-15033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2"
},
{
"name": "1025858",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725694"
},
{
"name": "USN-1179-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1179-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=708263"
},
{
"name": "46717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46717"
},
{
"name": "[oss-security] 20110726 CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/3"
},
{
"name": "clamav-scan-dos(68785)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5"
},
{
"name": "FEDORA-2011-15076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"name": "FEDORA-2011-15119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"name": "[oss-security] 20110726 Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/13"
},
{
"name": "48891",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48891"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818"
},
{
"name": "74181",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/74181"
},
{
"name": "MDVSA-2011:122",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45382"
},
{
"name": "FEDORA-2011-15033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2"
},
{
"name": "1025858",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725694"
},
{
"name": "USN-1179-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1179-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=708263"
},
{
"name": "46717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46717"
},
{
"name": "[oss-security] 20110726 CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/3"
},
{
"name": "clamav-scan-dos(68785)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5"
},
{
"name": "FEDORA-2011-15076",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"name": "FEDORA-2011-15119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"name": "[oss-security] 20110726 Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/13"
},
{
"name": "48891",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48891"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818"
},
{
"name": "74181",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/74181"
},
{
"name": "MDVSA-2011:122",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:122"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2721",
"datePublished": "2011-08-05T21:00:00",
"dateReserved": "2011-07-11T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1457
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1457",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12378
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:25
Severity ?
EPSS score ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11946 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:56.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11946"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:55:32.927708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:25:49.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer over-read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11946"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11946",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11946"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12378",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:25:49.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1371
Vulnerability from cvelistv5
Published
2016-10-03 18:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html | x_refsource_CONFIRM | |
| https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/ | x_refsource_MISC | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11514 | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-3093-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/93222 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "93222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-03T17:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "93222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"name": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/",
"refsource": "MISC",
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11514",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"name": "93222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1371",
"datePublished": "2016-10-03T18:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9050
Vulnerability from cvelistv5
Published
2014-12-01 15:00
Modified
2024-08-06 13:33
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:13.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-28T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:1560",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62542"
},
{
"name": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9050",
"datePublished": "2014-12-01T15:00:00",
"dateReserved": "2014-11-21T00:00:00",
"dateUpdated": "2024-08-06T13:33:13.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20052
Vulnerability from cvelistv5
Published
2023-02-16 15:26
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Secure Endpoint |
Version: 6.0.9 Version: 6.0.7 Version: 6.1.5 Version: 6.1.7 Version: 6.1.9 Version: 6.2.1 Version: 6.2.5 Version: 6.2.19 Version: 6.2.9 Version: 6.3.5 Version: 6.3.1 Version: 6.3.7 Version: 6.3.3 Version: 7.0.5 Version: 7.1.1 Version: 7.1.5 Version: 1.12.1 Version: 1.12.2 Version: 1.12.5 Version: 1.12.0 Version: 1.12.6 Version: 1.12.3 Version: 1.12.7 Version: 1.12.4 Version: 1.13.0 Version: 1.13.1 Version: 1.13.2 Version: 1.11.0 Version: 1.10.2 Version: 1.10.1 Version: 1.10.0 Version: 1.14.0 Version: 1.6.0 Version: 1.9.0 Version: 1.9.1 Version: 1.8.1 Version: 1.8.0 Version: 1.8.4 Version: 1.7.0 Version: 7.2.13 Version: 7.2.7 Version: 7.2.3 Version: 7.2.11 Version: 7.2.5 Version: 7.3.3 Version: 7.3.5 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-clamav-xxe-TcSZduhN",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.3.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:38.974Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-xxe-TcSZduhN",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
}
],
"source": {
"advisory": "cisco-sa-clamav-xxe-TcSZduhN",
"defects": [
"CSCwd87111",
"CSCwd87112",
"CSCwd87113"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20052",
"datePublished": "2023-02-16T15:26:12.863Z",
"dateReserved": "2022-10-27T18:47:50.319Z",
"dateUpdated": "2024-08-02T08:57:35.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-27506
Vulnerability from cvelistv5
Published
2021-03-19 14:28
Modified
2024-08-03 21:26
Severity ?
EPSS score ?
Summary
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://advisories.stormshield.eu/2021-003/ | x_refsource_CONFIRM | |
| https://blog.clamav.net/2021/02/clamav-01031-patch-release.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:09.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://advisories.stormshield.eu/2021-003/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-12T15:27:46",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://advisories.stormshield.eu/2021-003/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-27506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisories.stormshield.eu/2021-003/",
"refsource": "CONFIRM",
"url": "https://advisories.stormshield.eu/2021-003/"
},
{
"name": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html",
"refsource": "MISC",
"url": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-27506",
"datePublished": "2021-03-19T14:28:20",
"dateReserved": "2021-02-19T00:00:00",
"dateUpdated": "2024-08-03T21:26:09.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1459
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1459",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1252
Vulnerability from cvelistv5
Published
2021-04-08 04:25
Modified
2024-11-08 23:25
Severity ?
EPSS score ?
Summary
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:02:36.719227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:25:50.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.103.0"
},
{
"status": "affected",
"version": "0.103.1"
}
]
}
],
"datePublic": "2021-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T04:25:10",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
},
"title": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-04-08T12:08:00.000Z",
"ID": "CVE-2021-1252",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.103.0"
},
{
"version_affected": "=",
"version_value": "0.103.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
]
},
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1252",
"datePublished": "2021-04-08T04:25:10.891603Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:25:50.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1458
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52611 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80473 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74301 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/80474 | vdb-entry, x_refsource_OSVDB | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:094 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52611",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52611"
},
{
"name": "80473",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80473"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-chm-header-evasion(74301)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74301"
},
{
"name": "80474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80474"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52611",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52611"
},
{
"name": "80473",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80473"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-chm-header-evasion(74301)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74301"
},
{
"name": "80474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80474"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52611",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52611"
},
{
"name": "80473",
"refsource": "OSVDB",
"url": "http://osvdb.org/80473"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-chm-header-evasion(74301)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74301"
},
{
"name": "80474",
"refsource": "OSVDB",
"url": "http://osvdb.org/80474"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1458",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1786
Vulnerability from cvelistv5
Published
2019-04-08 19:05
Modified
2024-11-19 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149 | x_refsource_MISC | |
| https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:57.486138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:12:41.510Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.101.1"
},
{
"status": "affected",
"version": "0.101.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"source": {
"defect": [
"12149"
],
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus PDF Out-of-Bounds Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1786",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus PDF Out-of-Bounds Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.101.1"
},
{
"version_affected": "=",
"version_value": "0.101.0"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
},
"source": {
"defect": [
"12149"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1786",
"datePublished": "2019-04-08T19:05:14",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:12:41.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1241
Vulnerability from cvelistv5
Published
2009-04-03 18:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.vupen.com/english/advisories/2009/0934 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/34344 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/502366/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html | vendor-advisory, x_refsource_APPLE | |
| http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2009/04/07/6 | mailing-list, x_refsource_MLIST | |
| http://support.apple.com/kb/HT3865 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/36701 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "34344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34344"
},
{
"name": "20090402 [TZO-05-2009] Clamav 0.94 and below - Evasion /bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502366/100/0/threaded"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "34344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34344"
},
{
"name": "20090402 [TZO-05-2009] Clamav 0.94 and below - Evasion /bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502366/100/0/threaded"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2009:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "34344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34344"
},
{
"name": "20090402 [TZO-05-2009] Clamav 0.94 and below - Evasion /bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502366/100/0/threaded"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1241",
"datePublished": "2009-04-03T18:00:00",
"dateReserved": "2009-04-03T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1788
Vulnerability from cvelistv5
Published
2019-04-08 19:15
Modified
2024-11-19 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html | vendor-advisory, x_refsource_SUSE | |
| https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:54.567973Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:12:14.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThanOrEqual": "0.101.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Object Linking \u0026 Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-22T13:06:07",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
],
"source": {
"defect": [
"12166"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV OLE2 File Out-Of-Bounds Write Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1788",
"STATE": "PUBLIC",
"TITLE": "ClamAV OLE2 File Out-Of-Bounds Write Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "0.101.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Object Linking \u0026 Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
]
},
"source": {
"defect": [
"12166"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1788",
"datePublished": "2019-04-08T19:15:18",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:12:14.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1003
Vulnerability from cvelistv5
Published
2011-02-23 18:00
Modified
2024-08-06 22:14
Severity ?
EPSS score ?
Summary
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:26.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025100",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025100"
},
{
"name": "46470",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46470"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97"
},
{
"name": "70937",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/70937"
},
{
"name": "[oss-security] 20110221 clamav 0.97",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/21/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f"
},
{
"name": "clamav-vbareadprojectstrings-dos(65544)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65544"
},
{
"name": "ADV-2011-0458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0458"
},
{
"name": "43752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43752"
},
{
"name": "ADV-2011-0453",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0453"
},
{
"name": "SUSE-SR:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "MDVA-2011:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486"
},
{
"name": "ADV-2011-0523",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0523"
},
{
"name": "FEDORA-2011-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"name": "USN-1076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1076-1"
},
{
"name": "[oss-security] 20110221 Re: clamav 0.97",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/21/4"
},
{
"name": "FEDORA-2011-2741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"name": "43392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43392"
},
{
"name": "43498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1025100",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025100"
},
{
"name": "46470",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46470"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97"
},
{
"name": "70937",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/70937"
},
{
"name": "[oss-security] 20110221 clamav 0.97",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/21/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f"
},
{
"name": "clamav-vbareadprojectstrings-dos(65544)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65544"
},
{
"name": "ADV-2011-0458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0458"
},
{
"name": "43752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43752"
},
{
"name": "ADV-2011-0453",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0453"
},
{
"name": "SUSE-SR:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "MDVA-2011:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486"
},
{
"name": "ADV-2011-0523",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0523"
},
{
"name": "FEDORA-2011-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"name": "USN-1076-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1076-1"
},
{
"name": "[oss-security] 20110221 Re: clamav 0.97",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/21/4"
},
{
"name": "FEDORA-2011-2741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"name": "43392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43392"
},
{
"name": "43498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43498"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1003",
"datePublished": "2011-02-23T18:00:00",
"dateReserved": "2011-02-14T00:00:00",
"dateUpdated": "2024-08-06T22:14:26.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12374
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:26
Severity ?
EPSS score ?
Summary
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11939 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:55.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11939"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:11:39.633132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:26:51.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "use-after-free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11939"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11939",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11939"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12374",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:26:51.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7087
Vulnerability from cvelistv5
Published
2019-11-15 14:11
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
ClamAV before 0.97.7 has WWPack corrupt heap memory
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-7087 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087 | x_refsource_MISC | |
| http://security.gentoo.org/glsa/glsa-201405-08.xml | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/12/13/1 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/58546 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:46.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7087"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58546"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7 has WWPack corrupt heap memory"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T14:11:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7087"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58546"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.97.7 has WWPack corrupt heap memory"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-7087",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7087"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087"
},
{
"name": "http://security.gentoo.org/glsa/glsa-201405-08.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/12/13/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"name": "http://www.securityfocus.com/bid/58546",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58546"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7087",
"datePublished": "2019-11-15T14:11:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T17:53:46.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1785
Vulnerability from cvelistv5
Published
2019-04-08 19:05
Modified
2024-11-19 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.clamav.net/show_bug.cgi?id=12284 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:21:23.436070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:12:31.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.101.1"
},
{
"status": "affected",
"version": "0.101.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"source": {
"defect": [
"12284"
],
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus RAR Directory Traversal Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1785",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus RAR Directory Traversal Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.101.1"
},
{
"version_affected": "=",
"version_value": "0.101.0"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=12284",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
},
"source": {
"defect": [
"12284"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1785",
"datePublished": "2019-04-08T19:05:21",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:12:31.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20792
Vulnerability from cvelistv5
Published
2022-08-10 08:25
Modified
2024-11-01 18:54
Severity ?
EPSS score ?
Summary
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html | vendor-advisory | |
| https://security.gentoo.org/glsa/202310-01 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Clam AntiVirus (ClamAV) |
Version: unspecified < Version: 0.104.0 < unspecified Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20792",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:42:21.539755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:54:40.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Clam AntiVirus (ClamAV)",
"vendor": "Cisco",
"versions": [
{
"lessThanOrEqual": "0.104.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "0.104.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "0.103.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:18.829128",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20792",
"datePublished": "2022-08-10T08:25:09.605833Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T18:54:40.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20506
Vulnerability from cvelistv5
Published
2024-09-04 21:28
Modified
2024-09-05 13:34
Severity ?
EPSS score ?
Summary
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.
The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | ClamAV |
Version: 1.4.0 Version: 1.3.2 Version: 1.0.6 Version: 1.0.5 Version: 1.0.4 Version: 1.0.3 Version: 1.0.2 Version: 1.0.1 Version: 1.0.0 Version: 1.2.x Version: 0.105.x Version: 0.104.x Version: 0.103.11 Version: 0.103.10 Version: 0.103.9 Version: 0.103.8 Version: 0.103.7 Version: 0.103.6 Version: 0.103.5 Version: 0.103.4 Version: 0.103.3 Version: 0.103.2 Version: 0.103.1 Version: 0.103.0 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20506",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:34:43.487532Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:34:52.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0"
},
{
"status": "affected",
"version": "1.3.2"
},
{
"status": "affected",
"version": "1.0.6"
},
{
"status": "affected",
"version": "1.0.5"
},
{
"status": "affected",
"version": "1.0.4"
},
{
"status": "affected",
"version": "1.0.3"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.1"
},
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "1.2.x"
},
{
"status": "affected",
"version": "0.105.x"
},
{
"status": "affected",
"version": "0.104.x"
},
{
"status": "affected",
"version": "0.103.11"
},
{
"status": "affected",
"version": "0.103.10"
},
{
"status": "affected",
"version": "0.103.9"
},
{
"status": "affected",
"version": "0.103.8"
},
{
"status": "affected",
"version": "0.103.7"
},
{
"status": "affected",
"version": "0.103.6"
},
{
"status": "affected",
"version": "0.103.5"
},
{
"status": "affected",
"version": "0.103.4"
},
{
"status": "affected",
"version": "0.103.3"
},
{
"status": "affected",
"version": "0.103.2"
},
{
"status": "affected",
"version": "0.103.1"
},
{
"status": "affected",
"version": "0.103.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T21:28:54.812Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
}
],
"source": {
"defects": [
"CSCwk31741"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV Privilege Handling Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20506",
"datePublished": "2024-09-04T21:28:54.812Z",
"dateReserved": "2023-11-08T15:08:07.688Z",
"dateUpdated": "2024-09-05T13:34:52.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6745
Vulnerability from cvelistv5
Published
2019-11-07 22:15
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2007-6745 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2007-6745 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2012/03/29/2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-6745"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2007-6745"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "clamav",
"vendor": "clamav",
"versions": [
{
"status": "affected",
"version": "0.91.2"
}
]
}
],
"datePublic": "2012-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "clamav 0.91.2 suffers from a floating point exception when using ScanOLE2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T22:15:40",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-6745"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2007-6745"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-6745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "clamav",
"version": {
"version_data": [
{
"version_value": "0.91.2"
}
]
}
}
]
},
"vendor_name": "clamav"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "clamav 0.91.2 suffers from a floating point exception when using ScanOLE2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2007-6745",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2007-6745"
},
{
"name": "https://access.redhat.com/security/cve/cve-2007-6745",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2007-6745"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/03/29/2",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-6745",
"datePublished": "2019-11-07T22:15:40",
"dateReserved": "2011-12-19T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2668
Vulnerability from cvelistv5
Published
2015-05-12 19:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ubuntu.com/usn/usn-2594-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/74472 | vdb-entry, x_refsource_BID | |
| http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:37.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "74472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "74472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2594-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "74472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74472"
},
{
"name": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "openSUSE-SU-2015:0906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2668",
"datePublished": "2015-05-12T19:00:00",
"dateReserved": "2015-03-20T00:00:00",
"dateUpdated": "2024-08-06T05:24:37.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0361
Vulnerability from cvelistv5
Published
2018-07-16 17:00
Modified
2024-11-29 14:55
Severity ?
EPSS score ?
Summary
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041367 | vdb-entry, x_refsource_SECTRACK | |
| https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV before 0.100.1 unknown |
Version: ClamAV before 0.100.1 unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:27.957182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:55:08.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV before 0.100.1 unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV before 0.100.1 unknown"
}
]
}
],
"datePublic": "2018-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unreasonably long time to parse",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1041367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV before 0.100.1 unknown",
"version": {
"version_data": [
{
"version_value": "ClamAV before 0.100.1 unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unreasonably long time to parse"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041367",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041367"
},
{
"name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html",
"refsource": "CONFIRM",
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0361",
"datePublished": "2018-07-16T17:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:55:08.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6420
Vulnerability from cvelistv5
Published
2017-08-07 03:00
Modified
2024-08-05 15:25
Severity ?
EPSS score ?
Summary
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.clamav.net/show_bug.cgi?id=11798 | x_refsource_MISC | |
| https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO | |
| https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11798"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11798"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11798",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11798"
},
{
"name": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md",
"refsource": "MISC",
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc",
"refsource": "MISC",
"url": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6420",
"datePublished": "2017-08-07T03:00:00",
"dateReserved": "2017-03-01T00:00:00",
"dateUpdated": "2024-08-05T15:25:49.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3481
Vulnerability from cvelistv5
Published
2020-07-20 17:45
Modified
2024-11-13 18:18
Severity ?
EPSS score ?
Summary
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html | vendor-advisory, x_refsource_CISCO | |
| https://security.gentoo.org/glsa/202007-23 | vendor-advisory, x_refsource_GENTOO | |
| https://usn.ubuntu.com/4435-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/ | vendor-advisory, x_refsource_FEDORA | |
| https://usn.ubuntu.com/4435-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ClamAV 0.102.4 security patch released",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"
},
{
"name": "GLSA-202007-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"name": "USN-4435-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"name": "FEDORA-2020-dd0c20d985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"
},
{
"name": "USN-4435-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4435-2/"
},
{
"name": "FEDORA-2020-6584a641ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:13:21.201870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:18:48.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.102.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-06T07:06:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ClamAV 0.102.4 security patch released",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"
},
{
"name": "GLSA-202007-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"name": "USN-4435-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"name": "FEDORA-2020-dd0c20d985",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"
},
{
"name": "USN-4435-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4435-2/"
},
{
"name": "FEDORA-2020-6584a641ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to ClamAV version 0.102.4"
}
],
"source": {
"advisory": "clamav-01024-security-patch",
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-20T17:36:00.000Z",
"ID": "CVE-2020-3481",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.102.4"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ClamAV 0.102.4 security patch released",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"
},
{
"name": "GLSA-202007-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"name": "USN-4435-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"name": "FEDORA-2020-dd0c20d985",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"
},
{
"name": "USN-4435-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4435-2/"
},
{
"name": "FEDORA-2020-6584a641ae",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to ClamAV version 0.102.4"
}
],
"source": {
"advisory": "clamav-01024-security-patch",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3481",
"datePublished": "2020-07-20T17:45:13.687377Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:18:48.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2020
Vulnerability from cvelistv5
Published
2013-05-13 23:00
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5892"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375"
},
{
"name": "USN-1816-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"name": "53182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7055"
},
{
"name": "FEDORA-2013-10980",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5880"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "53150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5892"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375"
},
{
"name": "USN-1816-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"name": "53182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7055"
},
{
"name": "FEDORA-2013-10980",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5880"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"name": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"name": "http://support.apple.com/kb/HT5892",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5892"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375"
},
{
"name": "USN-1816-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"name": "53182",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=7055",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7055"
},
{
"name": "FEDORA-2013-10980",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"name": "http://support.apple.com/kb/HT5880",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5880"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2020",
"datePublished": "2013-05-13T23:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0360
Vulnerability from cvelistv5
Published
2018-07-16 17:00
Modified
2024-11-29 14:55
Severity ?
EPSS score ?
Summary
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041367 | vdb-entry, x_refsource_SECTRACK | |
| https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/3722-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/ | x_refsource_MISC | |
| https://usn.ubuntu.com/3722-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV before 0.100.1 unknown |
Version: ClamAV before 0.100.1 unknown |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "USN-3722-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3722-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"
},
{
"name": "USN-3722-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3722-2/"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:37:29.272393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T14:55:17.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV before 0.100.1 unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV before 0.100.1 unknown"
}
]
}
],
"datePublic": "2018-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1041367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "USN-3722-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3722-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"
},
{
"name": "USN-3722-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3722-2/"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV before 0.100.1 unknown",
"version": {
"version_data": [
{
"version_value": "ClamAV before 0.100.1 unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041367",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041367"
},
{
"name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html",
"refsource": "CONFIRM",
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"name": "USN-3722-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3722-1/"
},
{
"name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/",
"refsource": "MISC",
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"
},
{
"name": "USN-3722-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3722-2/"
},
{
"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0360",
"datePublished": "2018-07-16T17:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-29T14:55:17.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1405
Vulnerability from cvelistv5
Published
2021-04-08 04:30
Modified
2024-11-08 23:25
Severity ?
EPSS score ?
Summary
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO | |
| https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/202104-07 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:16.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"
},
{
"name": "GLSA-202104-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202104-07"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:02:34.550630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:25:38.707Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThanOrEqual": "0.103.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-01T01:06:30",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"
},
{
"name": "GLSA-202104-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202104-07"
}
],
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
},
"title": "Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-04-08T12:08:00.000Z",
"ID": "CVE-2021-1405",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "0.103.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"
},
{
"name": "GLSA-202104-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202104-07"
}
]
},
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1405",
"datePublished": "2021-04-08T04:30:14.596976Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:25:38.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4479
Vulnerability from cvelistv5
Published
2010-12-07 01:00
Modified
2024-08-07 03:51
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:51:17.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42426"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka \"bb #2380,\" a different vulnerability than CVE-2010-4260."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-12-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380"
},
{
"name": "FEDORA-2010-18568",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42426"
},
{
"name": "42720",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"name": "45152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"name": "ADV-2010-3135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka \"bb #2380,\" a different vulnerability than CVE-2010-4260."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42555"
},
{
"name": "ADV-2010-3137",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"name": "FEDORA-2010-18564",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=659861",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"name": "USN-1031-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"name": "ADV-2010-3185",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"name": "1024818",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"name": "[oss-security] 20101203 clamav 0.96.5 released",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380"
},
{
"name": "FEDORA-2010-18568",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"name": "42426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42426"
},
{
"name": "42720",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42720"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"name": "MDVSA-2010:249",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"name": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=master",
"refsource": "CONFIRM",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=master"
},
{
"name": "45152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"name": "ADV-2010-3135",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"name": "[oss-security] 20101203 Re: clamav 0.96.5 released",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4479",
"datePublished": "2010-12-07T01:00:00",
"dateReserved": "2010-12-06T00:00:00",
"dateUpdated": "2024-08-07T03:51:17.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7088
Vulnerability from cvelistv5
Published
2019-11-15 14:19
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
ClamAV before 0.97.7 has buffer overflow in the libclamav component
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201405-08.xml | x_refsource_MISC | |
| https://security-tracker.debian.org/tracker/CVE-2013-7088 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/12/13/1 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/58546 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:46.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7088"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58546"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7 has buffer overflow in the libclamav component"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T14:19:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7088"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/58546"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV before 0.97.7 has buffer overflow in the libclamav component"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.gentoo.org/glsa/glsa-201405-08.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-7088",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7088"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/12/13/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"name": "http://www.securityfocus.com/bid/58546",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/58546"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7088",
"datePublished": "2019-11-15T14:19:48",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T17:53:46.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1372
Vulnerability from cvelistv5
Published
2009-04-23 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1022028 | vdb-entry, x_refsource_SECTRACK | |
| http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel&path=%2Ftrunk%2FChangeLog&rev=5032 | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 | vendor-advisory, x_refsource_MANDRIVA | |
| http://secunia.com/advisories/34612 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html | vendor-advisory, x_refsource_APPLE | |
| http://www.vupen.com/english/advisories/2009/0985 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/34446 | vdb-entry, x_refsource_BID | |
| http://support.apple.com/kb/HT3865 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/36701 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/53603 | vdb-entry, x_refsource_OSVDB | |
| https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022028"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34612"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "34446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "53603",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53603"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-05-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022028"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34612"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "34446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "53603",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53603"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"name": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34612"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "34446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34446"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "53603",
"refsource": "OSVDB",
"url": "http://osvdb.org/53603"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1372",
"datePublished": "2009-04-23T15:00:00",
"dateReserved": "2009-04-23T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20785
Vulnerability from cvelistv5
Published
2022-05-04 17:05
Modified
2024-11-06 16:16
Severity ?
EPSS score ?
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco AMP for Endpoints |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220504 ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:30.923234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:16:00.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AMP for Endpoints",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-01T10:06:26.904654",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220504 ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"
},
{
"name": "FEDORA-2022-b8691af27b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"name": "FEDORA-2022-0ac71a8f3a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"name": "FEDORA-2022-a910a41a17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"name": "[debian-lts-announce] 20220603 [SECURITY] [DLA 3042-1] clamav security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"name": "GLSA-202310-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"source": {
"advisory": "cisco-sa-clamav-html-XAuOK8mR",
"defect": [
[
"CSCwb30931",
"CSCwb30932",
"CSCwb30933"
]
],
"discovery": "INTERNAL"
},
"title": "ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20785",
"datePublished": "2022-05-04T17:05:57.272626Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:16:00.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12376
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:26
Severity ?
EPSS score ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11942 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:55.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11942"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:09:02.092489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:26:25.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11942"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11942",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11942"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12376",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:26:25.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-15378
Vulnerability from cvelistv5
Published
2018-10-15 17:00
Modified
2024-11-26 14:26
Severity ?
EPSS score ?
Summary
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.clamav.net/show_bug.cgi?id=12170 | x_refsource_CONFIRM | |
| https://secuniaresearch.flexerasoftware.com/advisories/83000/ | third-party-advisory, x_refsource_SECUNIA | |
| https://usn.ubuntu.com/3789-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3789-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:54:02.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170"
},
{
"name": "83000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/"
},
{
"name": "USN-3789-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3789-2/"
},
{
"name": "USN-3789-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3789-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-15378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:47:40.459253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:26:00.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.100.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the \"unmew11()\" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-11T02:06:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170"
},
{
"name": "83000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/"
},
{
"name": "USN-3789-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3789-2/"
},
{
"name": "USN-3789-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3789-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"source": {
"advisory": "Bug 12170 - ClamAV Invalid read memory access in MEW unpacker",
"defect": [
[
"12170"
]
],
"discovery": "UNKNOWN"
},
"title": "Clam AntiVirus unmew11() Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-10-03T21:00:00-0500",
"ID": "CVE-2018-15378",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus unmew11() Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "0.100.2"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the \"unmew11()\" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.3",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=12170",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170"
},
{
"name": "83000",
"refsource": "SECUNIA",
"url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/"
},
{
"name": "USN-3789-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3789-2/"
},
{
"name": "USN-3789-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3789-1/"
},
{
"name": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html",
"refsource": "MISC",
"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
}
]
},
"source": {
"advisory": "Bug 12170 - ClamAV Invalid read memory access in MEW unpacker",
"defect": [
[
"12170"
]
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-15378",
"datePublished": "2018-10-15T17:00:00Z",
"dateReserved": "2018-08-17T00:00:00",
"dateUpdated": "2024-11-26T14:26:00.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-11423
Vulnerability from cvelistv5
Published
2017-07-18 20:00
Modified
2024-08-05 18:12
Severity ?
EPSS score ?
Summary
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2017/dsa-3946 | vendor-advisory, x_refsource_DEBIAN | |
| https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11873 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:12:39.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"name": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul",
"refsource": "MISC",
"url": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11873",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11423",
"datePublished": "2017-07-18T20:00:00",
"dateReserved": "2017-07-18T00:00:00",
"dateUpdated": "2024-08-05T18:12:39.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1371
Vulnerability from cvelistv5
Published
2009-04-23 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53602"
},
{
"name": "1022028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022028"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34716"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34612"
},
{
"name": "USN-756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-756-1"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "34654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34654"
},
{
"name": "34446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/360502"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "53602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53602"
},
{
"name": "1022028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022028"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34716"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34612"
},
{
"name": "USN-756-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-756-1"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "34654",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34654"
},
{
"name": "34446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/360502"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53602",
"refsource": "OSVDB",
"url": "http://osvdb.org/53602"
},
{
"name": "1022028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"name": "34716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34716"
},
{
"name": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"name": "MDVSA-2009:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "34612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34612"
},
{
"name": "USN-756-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-756-1"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "ADV-2009-0985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"name": "DSA-1771",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "34654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34654"
},
{
"name": "34446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34446"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "https://launchpad.net/bugs/360502",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/360502"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1371",
"datePublished": "2009-04-23T15:00:00",
"dateReserved": "2009-04-23T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3501
Vulnerability from cvelistv5
Published
2005-11-05 11:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:22.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17451"
},
{
"name": "GLSA-200511-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml"
},
{
"name": "17501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17501"
},
{
"name": "15317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15317"
},
{
"name": "17184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17184"
},
{
"name": "20051104 Clam AntiVirus Cabinet-file handling Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=334\u0026type=vulnerabilities"
},
{
"name": "MDKSA-2005:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:205"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20484",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368319"
},
{
"name": "ADV-2005-2294",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2294"
},
{
"name": "150",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/150"
},
{
"name": "DSA-887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-887"
},
{
"name": "17434",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17434"
},
{
"name": "1015154",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015154"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17451"
},
{
"name": "GLSA-200511-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml"
},
{
"name": "17501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17501"
},
{
"name": "15317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15317"
},
{
"name": "17184",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17184"
},
{
"name": "20051104 Clam AntiVirus Cabinet-file handling Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=334\u0026type=vulnerabilities"
},
{
"name": "MDKSA-2005:205",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:205"
},
{
"name": "17559",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20484",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368319"
},
{
"name": "ADV-2005-2294",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2294"
},
{
"name": "150",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/150"
},
{
"name": "DSA-887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-887"
},
{
"name": "17434",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17434"
},
{
"name": "1015154",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015154"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17451"
},
{
"name": "GLSA-200511-04",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml"
},
{
"name": "17501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17501"
},
{
"name": "15317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15317"
},
{
"name": "17184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17184"
},
{
"name": "20051104 Clam AntiVirus Cabinet-file handling Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=334\u0026type=vulnerabilities"
},
{
"name": "MDKSA-2005:205",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:205"
},
{
"name": "17559",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17559"
},
{
"name": "20484",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20484"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=368319",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=368319"
},
{
"name": "ADV-2005-2294",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2294"
},
{
"name": "150",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/150"
},
{
"name": "DSA-887",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-887"
},
{
"name": "17434",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17434"
},
{
"name": "1015154",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015154"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3501",
"datePublished": "2005-11-05T11:00:00",
"dateReserved": "2005-11-05T00:00:00",
"dateUpdated": "2024-08-07T23:17:22.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-2021
Vulnerability from cvelistv5
Published
2013-05-13 23:00
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5892"
},
{
"name": "USN-1816-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971"
},
{
"name": "53182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7053"
},
{
"name": "FEDORA-2013-10980",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5880"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "53150",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5892"
},
{
"name": "USN-1816-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971"
},
{
"name": "53182",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7053"
},
{
"name": "FEDORA-2013-10980",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5880"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53150"
},
{
"name": "FEDORA-2013-10853",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"name": "FEDORA-2013-8047",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "openSUSE-SU-2013:0881",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"name": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"name": "http://support.apple.com/kb/HT5892",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5892"
},
{
"name": "USN-1816-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"name": "openSUSE-SU-2013:0883",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971"
},
{
"name": "53182",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53182"
},
{
"name": "APPLE-SA-2013-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"name": "[oss-security] 20130429 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"name": "APPLE-SA-2013-09-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"name": "59434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"name": "[oss-security] 20130424 Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"name": "MDVSA-2013:159",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"name": "FEDORA-2013-10953",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=7053",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7053"
},
{
"name": "FEDORA-2013-10980",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"name": "http://support.apple.com/kb/HT5880",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5880"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2021",
"datePublished": "2013-05-13T23:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5525
Vulnerability from cvelistv5
Published
2008-12-12 18:13
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/4723 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/499043/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/498995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5525",
"datePublished": "2008-12-12T18:13:00",
"dateReserved": "2008-12-12T00:00:00",
"dateUpdated": "2024-08-07T10:56:46.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3914
Vulnerability from cvelistv5
Published
2008-09-09 14:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "clamav-multiple-unspecified(45058)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the \"error path\" in (1) libclamav/others.c and (2) libclamav/sis.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "clamav-multiple-unspecified(45058)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the \"error path\" in (1) libclamav/others.c and (2) libclamav/sis.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32030"
},
{
"name": "31051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31051"
},
{
"name": "31982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31982"
},
{
"name": "31681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141",
"refsource": "MISC",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"name": "[oss-security] 20080904 Re: request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"name": "SUSE-SR:2008:018",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"name": "MDVSA-2008:189",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"name": "[oss-security] 20080903 request for CVE: clamav 0.94 release",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"name": "FEDORA-2008-9651",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"name": "32222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32222"
},
{
"name": "GLSA-200809-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-22.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"name": "1020828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020828"
},
{
"name": "DSA-1660",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"name": "32424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32424"
},
{
"name": "ADV-2008-2780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "ADV-2008-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"name": "32699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32699"
},
{
"name": "APPLE-SA-2008-10-09",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT3216",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "31906",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31906"
},
{
"name": "FEDORA-2008-9644",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"name": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "clamav-multiple-unspecified(45058)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3914",
"datePublished": "2008-09-09T14:00:00",
"dateReserved": "2008-09-04T00:00:00",
"dateUpdated": "2024-08-07T10:00:41.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1639
Vulnerability from cvelistv5
Published
2010-05-26 18:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:41.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024017",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024017"
},
{
"name": "clamav-clipdf-dos(58824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58824"
},
{
"name": "40317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40317"
},
{
"name": "43752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43752"
},
{
"name": "ADV-2010-1214",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"name": "MDVSA-2010:110",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2"
},
{
"name": "FEDORA-2011-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "39895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016"
},
{
"name": "FEDORA-2011-2741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1024017",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024017"
},
{
"name": "clamav-clipdf-dos(58824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58824"
},
{
"name": "40317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40317"
},
{
"name": "43752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43752"
},
{
"name": "ADV-2010-1214",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"name": "MDVSA-2010:110",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2"
},
{
"name": "FEDORA-2011-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"name": "SUSE-SR:2010:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"name": "39895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016"
},
{
"name": "FEDORA-2011-2741",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-1639",
"datePublished": "2010-05-26T18:00:00",
"dateReserved": "2010-04-29T00:00:00",
"dateUpdated": "2024-08-07T01:28:41.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1270
Vulnerability from cvelistv5
Published
2009-04-08 16:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "clamav-untar-dos(49846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49846"
},
{
"name": "34357",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34716"
},
{
"name": "53461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53461"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "clamav-untar-dos(49846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49846"
},
{
"name": "34357",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462"
},
{
"name": "34716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34716"
},
{
"name": "53461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53461"
},
{
"name": "MDVSA-2009:097",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "clamav-untar-dos(49846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49846"
},
{
"name": "34357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34357"
},
{
"name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462",
"refsource": "CONFIRM",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462"
},
{
"name": "34716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34716"
},
{
"name": "53461",
"refsource": "OSVDB",
"url": "http://osvdb.org/53461"
},
{
"name": "MDVSA-2009:097",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"name": "ADV-2009-0934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "DSA-1771",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"name": "[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "USN-754-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-754-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1270",
"datePublished": "2009-04-08T16:00:00",
"dateReserved": "2009-04-08T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1789
Vulnerability from cvelistv5
Published
2019-11-05 18:25
Modified
2024-11-19 18:52
Severity ?
EPSS score ?
Summary
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:22:31.716817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:52:26.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.100.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T18:25:34",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"
}
],
"source": {
"advisory": "clamav-01012",
"discovery": "USER"
},
"title": "ClamAV Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1789",
"STATE": "PUBLIC",
"TITLE": "ClamAV Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.100.3"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html",
"refsource": "MISC",
"url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"
}
]
},
"source": {
"advisory": "clamav-01012",
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1789",
"datePublished": "2019-11-05T18:25:34",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T18:52:26.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2650
Vulnerability from cvelistv5
Published
2007-05-14 21:00
Modified
2024-08-07 13:49
Severity ?
EPSS score ?
Summary
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25796"
},
{
"name": "[clamav-devel] 20070418 Bug in OLE2 file parser",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html"
},
{
"name": "SUSE-SA:2007:033",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_33_clamav.html"
},
{
"name": "25525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25525"
},
{
"name": "25553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25553"
},
{
"name": "ADV-2007-1776",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1776"
},
{
"name": "25523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25523"
},
{
"name": "DSA-1320",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1320"
},
{
"name": "2007-0020",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0020/"
},
{
"name": "24316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24316"
},
{
"name": "MDKSA-2007:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:115"
},
{
"name": "25244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25244"
},
{
"name": "25558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25558"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kolab.org/security/kolab-vendor-notice-15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853"
},
{
"name": "25688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25688"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "GLSA-200706-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-05.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-06-09T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25796"
},
{
"name": "[clamav-devel] 20070418 Bug in OLE2 file parser",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html"
},
{
"name": "SUSE-SA:2007:033",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_33_clamav.html"
},
{
"name": "25525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25525"
},
{
"name": "25553",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25553"
},
{
"name": "ADV-2007-1776",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1776"
},
{
"name": "25523",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25523"
},
{
"name": "DSA-1320",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1320"
},
{
"name": "2007-0020",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0020/"
},
{
"name": "24316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24316"
},
{
"name": "MDKSA-2007:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:115"
},
{
"name": "25244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25244"
},
{
"name": "25558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25558"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kolab.org/security/kolab-vendor-notice-15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853"
},
{
"name": "25688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25688"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "GLSA-200706-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-05.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2650",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25796"
},
{
"name": "[clamav-devel] 20070418 Bug in OLE2 file parser",
"refsource": "MLIST",
"url": "http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html"
},
{
"name": "SUSE-SA:2007:033",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_33_clamav.html"
},
{
"name": "25525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25525"
},
{
"name": "25553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25553"
},
{
"name": "ADV-2007-1776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1776"
},
{
"name": "25523",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25523"
},
{
"name": "DSA-1320",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1320"
},
{
"name": "2007-0020",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0020/"
},
{
"name": "24316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24316"
},
{
"name": "MDKSA-2007:115",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:115"
},
{
"name": "25244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25244"
},
{
"name": "25558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25558"
},
{
"name": "http://kolab.org/security/kolab-vendor-notice-15.txt",
"refsource": "CONFIRM",
"url": "http://kolab.org/security/kolab-vendor-notice-15.txt"
},
{
"name": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853",
"refsource": "MISC",
"url": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853"
},
{
"name": "25688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25688"
},
{
"name": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog",
"refsource": "CONFIRM",
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"name": "GLSA-200706-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200706-05.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2650",
"datePublished": "2007-05-14T21:00:00",
"dateReserved": "2007-05-14T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12379
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:25
Severity ?
EPSS score ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11944 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:56.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11944"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12379",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:24:16.353366Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:25:35.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11944",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12379",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:25:35.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2170
Vulnerability from cvelistv5
Published
2015-05-12 19:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://ubuntu.com/usn/usn-2594-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://security.gentoo.org/glsa/201512-08 | vendor-advisory, x_refsource_GENTOO | |
| http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/74443 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:14.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-2594-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2594-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"name": "GLSA-201512-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"name": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"name": "74443",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"name": "openSUSE-SU-2015:0906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2170",
"datePublished": "2015-05-12T19:00:00",
"dateReserved": "2015-03-01T00:00:00",
"dateUpdated": "2024-08-06T05:10:14.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6419
Vulnerability from cvelistv5
Published
2017-08-07 03:00
Modified
2024-08-05 15:25
Severity ?
EPSS score ?
Summary
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2017/dsa-3946 | vendor-advisory, x_refsource_DEBIAN | |
| https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md | x_refsource_MISC | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11701 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO | |
| https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11701"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11701"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180212 [SECURITY] [DLA 1279-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"name": "DSA-3946",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"name": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md",
"refsource": "MISC",
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11701",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11701"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1",
"refsource": "MISC",
"url": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6419",
"datePublished": "2017-08-07T03:00:00",
"dateReserved": "2017-03-01T00:00:00",
"dateUpdated": "2024-08-05T15:25:49.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12377
Vulnerability from cvelistv5
Published
2018-01-26 20:00
Modified
2024-12-02 21:26
Severity ?
EPSS score ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/3550-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3550-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11943 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | mailing-list, x_refsource_MLIST | |
| http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | ClamAV AntiVirus software versions 0.99.2 and prior |
Version: ClamAV AntiVirus software versions 0.99.2 and prior |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:36:56.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-12377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:24:17.550998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:26:06.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV AntiVirus software versions 0.99.2 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
],
"datePublic": "2018-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "heap overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-15T09:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "USN-3550-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
"version": {
"version_data": [
{
"version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "heap overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3550-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"name": "USN-3550-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11943",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
},
{
"name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12377",
"datePublished": "2018-01-26T20:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-12-02T21:26:06.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15961
Vulnerability from cvelistv5
Published
2020-01-15 19:05
Modified
2024-11-15 17:48
Severity ?
EPSS score ?
Summary
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.clamav.net/show_bug.cgi?id=12380 | vendor-advisory, x_refsource_CISCO | |
| https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 | vendor-advisory, x_refsource_CISCO | |
| https://usn.ubuntu.com/4230-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/202003-46 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"name": "USN-4230-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"name": "GLSA-202003-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-46"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15961",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:22:50.686102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:48:05.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "ClamAV",
"versions": [
{
"lessThanOrEqual": "0.102.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "0.101.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-19T22:06:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"name": "USN-4230-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"name": "GLSA-202003-46",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-46"
}
],
"source": {
"advisory": "CSCvr56010",
"defect": [
"CSCvr56010"
],
"discovery": "USER"
},
"title": "Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-15961",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "0.102.0"
},
{
"version_affected": "\u003c",
"version_value": "0.101.4"
}
]
}
}
]
},
"vendor_name": "ClamAV"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=12380",
"refsource": "CISCO",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010",
"refsource": "CISCO",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"name": "USN-4230-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"name": "GLSA-202003-46",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-46"
}
]
},
"source": {
"advisory": "CSCvr56010",
"defect": [
"CSCvr56010"
],
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-15961",
"datePublished": "2020-01-15T19:05:16",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-15T17:48:05.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1419
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52572 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80409 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52572"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52572"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52572"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1419",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1372
Vulnerability from cvelistv5
Published
2016-10-03 18:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html | x_refsource_CONFIRM | |
| https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93221 | vdb-entry, x_refsource_BID | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11514 | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-3093-1 | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"name": "93221",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93221"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-03T17:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"name": "93221",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93221"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"name": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/",
"refsource": "MISC",
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"name": "93221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93221"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11514",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name": "USN-3093-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1372",
"datePublished": "2016-10-03T18:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1787
Vulnerability from cvelistv5
Published
2019-04-08 19:10
Modified
2024-11-19 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html | vendor-advisory, x_refsource_SUSE | |
| https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T18:28:42.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:24:55.955639Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:12:23.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.101.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-22T13:06:07",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"
},
{
"name": "GLSA-201904-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
],
"source": {
"defect": [
"12181"
],
"discovery": "EXTERNAL"
},
"title": "Clam AntiVirus PDF Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-1787",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus PDF Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.101.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"
},
{
"name": "GLSA-201904-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"name": "openSUSE-SU-2019:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"name": "openSUSE-SU-2019:1210",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
}
]
},
"source": {
"defect": [
"12181"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-1787",
"datePublished": "2019-04-08T19:10:16",
"dateReserved": "2018-12-06T00:00:00",
"dateUpdated": "2024-11-19T19:12:23.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1404
Vulnerability from cvelistv5
Published
2021-04-08 04:30
Modified
2024-11-08 23:25
Severity ?
EPSS score ?
Summary
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:02:31.585183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:25:27.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.103.0"
},
{
"status": "affected",
"version": "0.103.1"
}
]
}
],
"datePublic": "2021-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-13T13:00:26",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
},
"title": "Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-04-08T12:08:00.000Z",
"ID": "CVE-2021-1404",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.103.0"
},
{
"version_affected": "=",
"version_value": "0.103.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
]
},
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1404",
"datePublished": "2021-04-08T04:30:18.361779Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:25:27.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12625
Vulnerability from cvelistv5
Published
2019-11-05 18:15
Modified
2024-11-19 18:52
Severity ?
EPSS score ?
Summary
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"
},
{
"name": "openSUSE-SU-2019:2595",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"
},
{
"name": "openSUSE-SU-2019:2597",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:22:32.861218Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:52:35.512Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"lessThan": "0.101.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-01T06:06:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"
},
{
"name": "openSUSE-SU-2019:2595",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"
},
{
"name": "openSUSE-SU-2019:2597",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"
}
],
"source": {
"advisory": "clamav-01014",
"discovery": "USER"
},
"title": "ClamAV Zip Bomb Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2019-12625",
"STATE": "PUBLIC",
"TITLE": "ClamAV Zip Bomb Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.101.3"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html",
"refsource": "MISC",
"url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"
},
{
"name": "openSUSE-SU-2019:2595",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"
},
{
"name": "openSUSE-SU-2019:2597",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"
}
]
},
"source": {
"advisory": "clamav-01014",
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12625",
"datePublished": "2019-11-05T18:15:36",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-19T18:52:35.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6418
Vulnerability from cvelistv5
Published
2017-08-07 03:00
Modified
2024-08-05 15:25
Severity ?
EPSS score ?
Summary
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md | x_refsource_MISC | |
| https://bugzilla.clamav.net/show_bug.cgi?id=11797 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/100154 | vdb-entry, x_refsource_BID | |
| https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201804-16 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11797"
},
{
"name": "100154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100154"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-21T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11797"
},
{
"name": "100154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100154"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c"
},
{
"name": "GLSA-201804-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md",
"refsource": "MISC",
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md"
},
{
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11797",
"refsource": "MISC",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11797"
},
{
"name": "100154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100154"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c",
"refsource": "MISC",
"url": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c"
},
{
"name": "GLSA-201804-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201804-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-6418",
"datePublished": "2017-08-07T03:00:00",
"dateReserved": "2017-03-01T00:00:00",
"dateUpdated": "2024-08-05T15:25:49.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-03-13 15:29
Modified
2024-11-21 03:39
Severity ?
Summary
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.99.3 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.99.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE14FC74-CDE8-4D9B-BAF5-0BE844C9B950",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6."
},
{
"lang": "es",
"value": "ClamAV, versi\u00f3n 0.99.3, contiene una vulnerabilidad de lectura de memoria din\u00e1mica (heap) fuera de l\u00edmites en el analizador XAR, en la funci\u00f3n xar_hash_check() que puede resultar en un filtrado de memoria y ayudar a desarrollar cadenas de exploits. El ataque parece ser explotable si una v\u00edctima escanea un archivo XAR malicioso. La vulnerabilidad parece haber sido solucionada tras el commit con ID d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6."
}
],
"id": "CVE-2018-1000085",
"lastModified": "2024-11-21T03:39:36.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-13T15:29:01.113",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/29/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/29/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/Cisco-Talos/clamav-devel/commit/d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-08 17:30
Modified
2024-11-21 01:11
Severity ?
Summary
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B9F3E211-9E3F-4FDE-A777-B599EC67A1AB",
"versionEndIncluding": "0.96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamavs:clamav:0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9538B256-D757-440F-9B26-F5562312678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamavs:clamav:0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "66942C48-9D6A-4367-9808-7BE1AA1447A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities."
},
{
"lang": "es",
"value": "ClamAV anterior a v0.96 no maneja adecuadamente los formatos de archivo (1) CAB y (2) 7z, lo que permite a atacantes remotos evitar la detecci\u00f3n de virus a trav\u00e9s de un archivo manipulado que es compatible con las utilidades de archivo est\u00e1ndar."
}
],
"id": "CVE-2010-0098",
"lastModified": "2024-11-21T01:11:31.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-08T17:30:00.313",
"references": [
{
"source": "cret@cert.org",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/39293"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39329"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2010/04/06/4"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2010/04/08/3"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"source": "cret@cert.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/04/06/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/04/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1826"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-08 14:59
Modified
2024-11-21 02:46
Severity ?
Summary
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| cisco | email_security_appliance | 9.6.0-042 | |
| cisco | web_security_appliance | 8.8.0-085 | |
| cisco | web_security_appliance | 9.1.0-070 | |
| cisco | web_security_appliance | 9.5.0-284 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4628C3-55C5-4B29-9B9F-7034B0670C76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*",
"matchCriteriaId": "ED373FBD-1BB7-4532-946F-9DA2DF33A8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*",
"matchCriteriaId": "4F98FEDA-89EF-40BA-BBD3-3EBD6DD33EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*",
"matchCriteriaId": "8782B7BC-03C5-4866-9807-14EF9A818EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA50ED3-74F8-4B13-BFA9-97EA6B43C701",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
},
{
"lang": "es",
"value": "libclamav en ClamAV (tambi\u00e9n conocida como Clam AntiVirus), tal como se utiliza en Advanced Malware Protection (AMP) en dispositivos Cisco Email Security Appliance (ESA) en versiones anteriores a 9.7.0-125 y dispositivos Web Security Appliance (WSA) en versiones anteriores a 9.0.1-135 y 9.1.x en versiones anteriores a 9.1.1-041, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del proceso AMP) a trav\u00e9s de un documento manipulado, tambi\u00e9n conocido como Bug IDs CSCuv78533 y CSCuw60503."
}
],
"id": "CVE-2016-1405",
"lastModified": "2024-11-21T02:46:22.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-08T14:59:12.827",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/90968"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1035993"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1035994"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "ykramarz@cisco.com",
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-12 20:00
Modified
2024-11-21 00:42
Severity ?
Summary
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89BB58DD-7EA7-4C52-9791-902026B054A4",
"versionEndIncluding": "0.92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger \"heap corruption.\""
},
{
"lang": "es",
"value": "La funci\u00f3n unmew11 en el archivo libclamav/mew.c en libclamav en ClamAV versiones anteriores a 0.92.1, presenta un impacto desconocido y vectores de ataque que desencadenan \"heap corruption\"."
}
],
"id": "CVE-2008-0728",
"lastModified": "2024-11-21T00:42:46.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-12T20:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=209915"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"url": "http://kolab.org/security/kolab-vendor-notice-19.txt"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28907"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29001"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29026"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29048"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29060"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200802-09.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=575703"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0503"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0606"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=209915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kolab.org/security/kolab-vendor-notice-19.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200802-09.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=575703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/techcenter/psdb/512985d2cd3090bfb93dcb7b551179cf.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40474"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-15 19:15
Modified
2024-11-21 04:29
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | 0.102.0 | |
| cisco | email_security_appliance_firmware | 11.1.1-042 | |
| cisco | email_security_appliance_firmware | 11.1.2-023 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BC0A3F-96C6-40A9-8FD7-FA36F7650256",
"versionEndIncluding": "0.101.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38845FB7-5C4A-4E4F-81D2-F3338DEDC2BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042:*:*:*:*:*:*:*",
"matchCriteriaId": "357904C5-F794-4F22-84A8-9BFDD7801166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023:*:*:*:*:*:*:*",
"matchCriteriaId": "2EECA7F2-8101-445B-A8B3-ACAD1FB6BD8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de correo electr\u00f3nico de Clam AntiVirus (ClamAV) Software versiones 0.102.0, 0.101.4 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a rutinas de an\u00e1lisis MIME ineficientes que resultan en tiempos de an\u00e1lisis extremadamente largos de archivos de correo electr\u00f3nico con formato especial. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un archivo de correo electr\u00f3nico dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV escanee el archivo de correo electr\u00f3nico dise\u00f1ado indefinidamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"id": "CVE-2019-15961",
"lastModified": "2024-11-21T04:29:49.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-15T19:15:13.317",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4230-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-04 22:15
Modified
2024-09-12 17:28
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C21D8C4B-CEBE-422C-A103-B516EBCC34B6",
"versionEndExcluding": "0.103.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3AF611-42CD-4EC8-9A2A-89AEC62A3D6E",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "0.104.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0EA13B-FFC9-4385-8691-38A90DCE774F",
"versionEndExcluding": "1.3.2",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F43F7-EF41-4CB7-A013-6A8F274F973D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de PDF de Clam AntiVirus (ClamAV) versiones 1.4.0, 1.3.2 y anteriores, todas las versiones 1.2.x, 1.0.6 y anteriores, todas las versiones 0.105.x, todas las versiones 0.104.x y 0.103.11 y anteriores podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a una lectura fuera de los l\u00edmites. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un archivo PDF manipulado para que ClamAV lo escanee en un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante terminar el proceso de escaneo."
}
],
"id": "CVE-2024-20505",
"lastModified": "2024-09-12T17:28:47.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-04T22:15:03.887",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11945 | Exploit, Issue Tracking, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11945 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c during certain mail parsing functions of the ClamAV software. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. An exploit could trigger a NULL pointer dereference condition when ClamAV scans the malicious email, which may result in a DoS condition."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas en mbox.c durante ciertas funciones de an\u00e1lisis de email en un dispositivo afectado. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando un email manipulado a un dispositivo afectado. Un exploit podr\u00eda desencadenar una condici\u00f3n de desreferencia de puntero NULL cuando ClamAV escanea el email malicioso, lo que podr\u00eda resultar en una condici\u00f3n de DoS."
}
],
"id": "CVE-2017-12380",
"lastModified": "2024-11-21T03:09:25.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.690",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11945"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-08 05:15
Modified
2024-11-21 05:43
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C776BACB-EE82-4BE9-86C9-C20732E42E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E389C4-E99E-464E-9466-02204167FEB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de macros Excel XLM en Clam AntiVirus (ClamAV) versiones 0.103.0 y 0.103.1 del software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un manejo inapropiado de errores que puede resultar en un bucle infinito.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo de Excel dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV se bloquee, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-1252",
"lastModified": "2024-11-21T05:43:55.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-08T05:15:12.237",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-11 01:13
Modified
2024-11-21 00:50
Severity ?
Summary
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E80C5B4C-3ED8-41B2-85CE-60CC51C51B13",
"versionEndExcluding": "0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition."
},
{
"lang": "es",
"value": "libclamav en ClamAV en versiones anteriores a 0.94 que permite a los atacantes causar una denegaci\u00f3n de servicios (puntero NULL no referenciado y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con condiciones de fuera de memoria."
}
],
"id": "CVE-2008-3912",
"lastModified": "2024-11-21T00:50:27.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T01:13:41.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45056"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-23 19:00
Modified
2024-11-21 01:25
Severity ?
Summary
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C65A8EC-FE8D-4747-8968-736D03B99862",
"versionEndIncluding": "0.96.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Doble vulnerabilidad libre en la funci\u00f3n vba_read_project_strings en vba_extract.c en libclamav en ClamAV anterior a v0.97, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de Visual Basic para Aplicaciones (VBA) manipulados en un documento de Microsoft Office. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
}
],
"id": "CVE-2011-1003",
"lastModified": "2024-11-21T01:25:18.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-23T19:00:02.343",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97"
},
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/02/21/1"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/02/21/4"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/70937"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43392"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/43498"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/43752"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025100"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/46470"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1076-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0458"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0523"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65544"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=d21fb8d975f8c9688894a8cef4d50d977022e09f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/02/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/02/21/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/70937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/en/support/security/advisories/?name=MDVA-2011:007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1076-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-08 05:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C776BACB-EE82-4BE9-86C9-C20732E42E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E389C4-E99E-464E-9466-02204167FEB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de PDF en el Software Clam AntiVirus (ClamAV) versiones 0.103.0 y 0.103.1, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un seguimiento inapropiado del tama\u00f1o del b\u00fafer que puede resultar en una lectura excesiva del b\u00fafer de la pila.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo PDF dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV se bloquee, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-1404",
"lastModified": "2024-11-21T05:44:16.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-08T05:15:13.267",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-12 18:30
Modified
2024-11-21 00:54
Severity ?
Summary
ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.93.1 | |
| clamav | clamav | 0.94.1 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
},
{
"lang": "es",
"value": "ClamAV v0.94.1 y posiblemente v0.93.1, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detecci\u00f3n de malware en un documento HTML colocando una cabecera MZ (alias \"EXE info\") al principio, y modificar el nombre del archivo a (1 ) sin extensi\u00f3n, (2) una extensi\u00f3n. txt, o (3) una extensi\u00f3n .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745."
}
],
"id": "CVE-2008-5525",
"lastModified": "2024-11-21T00:54:15.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-12T18:30:02.767",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-08 16:30
Modified
2024-11-21 01:02
Severity ?
Summary
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 5.0 | |
| canonical | ubuntu_linux | 8.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "313364AD-2D04-4292-932A-33CC851EA16E",
"versionEndExcluding": "0.95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang."
},
{
"lang": "es",
"value": "libclamav/untar.c en ClamAV anteriores a v0.95 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (buble infinito) a trav\u00e9s de un fichero manipulado que provoca que se cuelguen (1) clamd y (2) clamscan."
}
],
"id": "CVE-2009-1270",
"lastModified": "2024-11-21T01:02:03.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-08T16:30:00.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/53461"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34716"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49846"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Issue Tracking"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/53461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Issue Tracking"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-01 08:15
Modified
2024-11-21 07:40
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint_private_cloud | * | |
| clamav | clamav | * | |
| clamav | clamav | * | |
| clamav | clamav | 1.0.0 | |
| clamav | clamav | 1.0.0 | |
| clamav | clamav | 1.0.0 | |
| stormshield | stormshield_network_security | * | |
| stormshield | stormshield_network_security | * | |
| stormshield | stormshield_network_security | * | |
| stormshield | stormshield_network_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "40572314-306A-4594-A279-216B8139B7A0",
"versionEndExcluding": "1.20.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "726A787E-E64F-4906-9BAE-4F79EB530F1F",
"versionEndExcluding": "1.21.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "C4F63447-CA0E-43FC-8FF1-B4032D21E32A",
"versionEndExcluding": "7.5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D0FC45E7-C4AB-4AC5-87AB-0ED1508CCFF3",
"versionEndExcluding": "8.1.5",
"versionStartIncluding": "8.0.1.21160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07BFC8FC-6CF0-49DA-B4ED-5B7936A4233E",
"versionEndExcluding": "3.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF08008-9C84-4075-8AB7-233209E4F3C0",
"versionEndIncluding": "0.103.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14FA7424-A3E5-4F46-83F8-E9767330F1CE",
"versionEndIncluding": "0.105.1",
"versionStartIncluding": "0.104.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A381BD3C-88E0-41FD-91E6-26BCF78B84CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "88BE0B1C-4515-40EA-ADDD-A04BF50743DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FB00FEFE-F8A2-482D-A7EE-002DA4E10FF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88CF061E-FFD8-48DE-887F-2119C916E2B4",
"versionEndExcluding": "3.7.35",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F499B698-4EB6-4262-BAF4-9BDE7F114805",
"versionEndExcluding": "3.11.23",
"versionStartIncluding": "3.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40519377-ECDC-41E2-B6A6-7F601AC28ACD",
"versionEndExcluding": "4.3.17",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77BAC9BA-B215-490F-9202-617B1B4E7C8A",
"versionEndExcluding": "4.6.4",
"versionStartIncluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process."
}
],
"id": "CVE-2023-20052",
"lastModified": "2024-11-21T07:40:26.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-01T08:15:11.980",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-xxe-TcSZduhN"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-776"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-08 20:04
Modified
2024-11-21 00:14
Severity ?
Summary
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.81 | |
| clamav | clamav | 0.81 | |
| clamav | clamav | 0.82 | |
| clamav | clamav | 0.83 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.85 | |
| clamav | clamav | 0.85.1 | |
| clamav | clamav | 0.86 | |
| clamav | clamav | 0.86 | |
| clamav | clamav | 0.86.1 | |
| clamav | clamav | 0.86.2 | |
| clamav | clamav | 0.87 | |
| clamav | clamav | 0.87.1 | |
| clamav | clamav | 0.88 | |
| clamav | clamav | 0.88.1 | |
| clamav | clamav | 0.88.2 | |
| clamav | clamav | 0.88.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00f3n en la funci\u00f3n pefromupx en libclamav/upx.c en Clam AntiVirus (ClamAV) 0.81 hasta 0.88.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo empaquetado UPX manipulado que contiene secciones con valores grandes de rsize."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nClam Anti-Virus, ClamAV, 0.88.4",
"id": "CVE-2006-4018",
"lastModified": "2024-11-21T00:14:57.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-08T20:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kolab.org/security/kolab-vendor-notice-10.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21368"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21374"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21433"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21443"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21457"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21497"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21562"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200608-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016645"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.clamav.net/security/0.88.4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1153"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:138"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_46_clamav.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.overflow.pl/adv/clamav_upx_heap.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/442681/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19381"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0046/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3175"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3275"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kolab.org/security/kolab-vendor-notice-10.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200608-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.clamav.net/security/0.88.4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_46_clamav.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.overflow.pl/adv/clamav_upx_heap.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/442681/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0046/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28286"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-05 19:15
Modified
2024-11-21 04:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94499663-814A-44DD-96D9-3B54212D8281",
"versionEndExcluding": "0.101.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system."
},
{
"lang": "es",
"value": "Las versiones anteriores a la versi\u00f3n 0.101.3 de ClamAV son susceptibles a una vulnerabilidad de bomba zip donde un atacante no autenticado puede causar una condici\u00f3n de denegaci\u00f3n de servicio mediante el env\u00edo de mensajes especialmente dise\u00f1ados en un sistema afectado."
}
],
"id": "CVE-2019-12625",
"lastModified": "2024-11-21T04:23:12.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-05T19:15:10.477",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"
},
{
"source": "ykramarz@cisco.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-08 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=12262 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=12262 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08665A0F-6D95-4546-BAA9-B4E1335E2056",
"versionEndIncluding": "0.101.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de escaneado de archivos ejecutables port\u00e1tiles (PE) del software Clam AntiVirus (ClamAV) versiones 0.101.1 y anteriores, podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a la falta de mecanismos de comprobaci\u00f3n de entrada y validaci\u00f3n apropiados para los archivos PE enviados al dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando archivos PE malformados al dispositivo que ejecuta una versi\u00f3n afectada del software ClamAV. Una vulnerabilidad podr\u00eda permitirle al atacante causar una condici\u00f3n de lectura fuera de l\u00edmites, resultando en un bloqueo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado"
}
],
"id": "CVE-2019-1798",
"lastModified": "2024-11-21T04:37:24.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-08T20:29:11.097",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos RAR en ClamAV versi\u00f3n 0.96.4, Rising Antivirus versi\u00f3n 22.83.00.03, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, G Data AntiVirus versi\u00f3n 21, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Command Antivirus versi\u00f3n 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, PC Tools AntiVirus versi\u00f3n 7.0.3.5, F-Prot Antivirus versi\u00f3n 4.6.2.117, VirusBuster versi\u00f3n 13.6.151.0, Fortinet antivirus versi\u00f3n 4.2.254.0, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, K7 AntiVirus versi\u00f3n 9.77.3565, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, Kaspersky Antivirus versi\u00f3n 7.0.0.125, Jiangmin Antivirus versi\u00f3n 13.0.900, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, Sophos Anti-Virus versi\u00f3n 4.61.0, NOD32 Antivirus versi\u00f3n 5795, Avira AntiVir versi\u00f3n 7.11.1.163, Norman Antivirus versi\u00f3n 6.06.12, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, Panda Antivirus versi\u00f3n 10.0.2.7, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Comodo Antivirus versi\u00f3n 7424, Bitdefender versi\u00f3n 7.2, eSafe versi\u00f3n 7.0.17.0, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, nProtect Versi\u00f3n antivirus 2011-01-17.01, AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, AVG Anti-Virus versi\u00f3n 10.0.0.1190, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, y VBA32 versi\u00f3n 3.12.14.2, permite a los atacantes remotos asistidos por el usuario omitir la detecci\u00f3n de malware por medio de un archivo RAR con una inicial Secuencia de caracteres MZ. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador RAR."
}
],
"id": "CVE-2012-1443",
"lastModified": "2024-11-21T01:36:59.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80454"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80455"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80456"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80457"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80458"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80459"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80460"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80461"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80467"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80468"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80469"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80471"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80472"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52612"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-06 22:04
Modified
2024-11-21 00:09
Severity ?
Summary
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "902416C3-C831-4528-8BCD-FD92B44ED660",
"versionEndIncluding": "0.88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly."
}
],
"id": "CVE-2006-1615",
"lastModified": "2024-11-21T00:09:18.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-06T22:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19534"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19536"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19564"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19567"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19570"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19608"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20077"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23719"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638"
},
{
"source": "cve@mitre.org",
"url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-1024"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/24458"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17388"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17951"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0020"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1258"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1779"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=407078\u0026group_id=86638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://up2date.astaro.com/2006/05/low_up2date_6202.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-1024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25661"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-30 15:00
Modified
2024-11-21 01:18
Severity ?
Summary
Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21D5E836-6D0B-4DCB-ACE2-141CEE296E30",
"versionEndIncluding": "0.96.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n find_stream_bounds en pdf.c en libclamav en ClamAV, en versiones anteriores a la 0.96.3, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento PDF manipulado. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2010-3434",
"lastModified": "2024-11-21T01:18:43.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-09-30T15:00:04.393",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
},
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=dc5143b4669ae39c79c9af50d569c28c798f33da"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3434"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/09/22/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/09/27/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2455"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=dc5143b4669ae39c79c9af50d569c28c798f33da"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/22/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/27/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2226"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA7BE61-355F-48AD-91F3-79A9A91B5FD4",
"versionEndIncluding": "0.95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8_:rc3:*:*:*:*:*:*",
"matchCriteriaId": "61ABEE1A-AABB-47D3-941D-81DCB198DC0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAD151A-2494-41A5-9FDB-CE0082333FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC10D578-B4C4-48A3-ADB6-09BEFEB440E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4A3CF4-5295-47B5-8CC6-BD5B07C6618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "E28D6C24-5BF9-496D-AA74-28A5D1455225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D90B7512-74E3-4578-9473-1C8B1759B933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "52584216-2921-4299-AC4E-2118EA72997B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEC1A194-C333-4AAC-AE23-9ADEFFAA6377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "61F0A16A-4B50-4CF0-B857-3BAC06CDD54E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "30CD371C-7B08-4A4B-AEB7-AC6BD199EE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBFE202-86D7-4AE3-AC5B-0902B5FEF18A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB0CE5-C6E7-469D-B3E4-1AB7FF677DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B28501-9959-41D4-AA04-70706792611E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5511BAA8-2BA1-45C2-A4FB-6B8285CE62DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "A756F525-1527-49FB-B045-9709FA957836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding."
},
{
"lang": "es",
"value": "La macro CLI_ISCONTAINED en libclamav/others.h en ClamAV anteriores a v0.95.1 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un fichero malformado con codificaci\u00f3n UPack."
}
],
"id": "CVE-2009-1371",
"lastModified": "2024-11-21T01:02:19.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T15:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/53602"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34612"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34654"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34716"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-756-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"source": "cve@mitre.org",
"url": "https://launchpad.net/bugs/360502"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/53602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-756-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://launchpad.net/bugs/360502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-01 08:15
Modified
2024-11-21 07:40
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.
This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.
For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "40572314-306A-4594-A279-216B8139B7A0",
"versionEndExcluding": "1.20.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "726A787E-E64F-4906-9BAE-4F79EB530F1F",
"versionEndExcluding": "1.21.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "C4F63447-CA0E-43FC-8FF1-B4032D21E32A",
"versionEndExcluding": "7.5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D0FC45E7-C4AB-4AC5-87AB-0ED1508CCFF3",
"versionEndExcluding": "8.1.5",
"versionStartIncluding": "8.0.1.21160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07BFC8FC-6CF0-49DA-B4ED-5B7936A4233E",
"versionEndExcluding": "3.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFF7AB1-33C6-4627-9950-2F2E48BCCC7E",
"versionEndExcluding": "12.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8361D69-981F-4F28-86F9-EFF202C9E537",
"versionEndExcluding": "14.0.4-005",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6E494A-FCA7-4569-847D-2AA3C14C3E79",
"versionEndExcluding": "14.5.1-013",
"versionStartIncluding": "14.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8B1F66-9FD3-4970-BDA3-26241B18B4AA",
"versionEndExcluding": "15.0.0-254",
"versionStartIncluding": "15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF08008-9C84-4075-8AB7-233209E4F3C0",
"versionEndIncluding": "0.103.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14FA7424-A3E5-4F46-83F8-E9767330F1CE",
"versionEndIncluding": "0.105.1",
"versionStartIncluding": "0.104.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A381BD3C-88E0-41FD-91E6-26BCF78B84CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "88BE0B1C-4515-40EA-ADDD-A04BF50743DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FB00FEFE-F8A2-482D-A7EE-002DA4E10FF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88CF061E-FFD8-48DE-887F-2119C916E2B4",
"versionEndExcluding": "3.7.35",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F499B698-4EB6-4262-BAF4-9BDE7F114805",
"versionEndExcluding": "3.11.23",
"versionStartIncluding": "3.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40519377-ECDC-41E2-B6A6-7F601AC28ACD",
"versionEndExcluding": "4.3.17",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77BAC9BA-B215-490F-9202-617B1B4E7C8A",
"versionEndExcluding": "4.6.4",
"versionStartIncluding": "4.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
}
],
"id": "CVE-2023-20032",
"lastModified": "2024-11-21T07:40:23.950",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-01T08:15:11.907",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-16 19:28
Modified
2024-11-21 00:27
Severity ?
Summary
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| apple | mac_os_x_server | * | |
| debian | debian_linux | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA546DD9-A29C-4D82-8E21-80619B2FF25B",
"versionEndExcluding": "0.90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D0444E-6B76-46EE-95EF-617F8967F6B6",
"versionEndExcluding": "10.4.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor."
},
{
"lang": "es",
"value": "Clam AntiVirus ClamAV anterior a 0.90 no cierra los descriptores de apertura de ficheros bajo ciertas condiciones, lo cual permite a atacantes remotos provocar denegaci\u00f3n de servicio (consumo del descriptor de fichero y fallo de escaneo) a trav\u00e9s de archivos CAB \t\r\ncon una longitud de registro con una cabecera cabinet(.CAB) de cero, lo cual provoca que una funci\u00f3n retorne sin cerrar el descriptor de fichero."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product release:\nClam AntiVirus, ClamAV, 0.90 Stable",
"id": "CVE-2007-0897",
"lastModified": "2024-11-21T00:27:00.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2007-02-16T19:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/32283"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24183"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24187"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24192"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24319"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24332"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24425"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.debian.org/security/2007/dsa-1263"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22580"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017659"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2007/0623"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/32283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.debian.org/security/2007/dsa-1263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2007/0623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32531"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-07 23:15
Modified
2024-11-21 00:40
Severity ?
Summary
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/29/2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2007-6745 | Not Applicable, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2007-6745 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/29/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2007-6745 | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2007-6745 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.91.2 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "clamav 0.91.2 suffers from a floating point exception when using ScanOLE2."
},
{
"lang": "es",
"value": "clamav versi\u00f3n 0.91.2, sufre de una excepci\u00f3n de coma flotante cuando usa ScanOLE2."
}
],
"id": "CVE-2007-6745",
"lastModified": "2024-11-21T00:40:54.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-07T23:15:10.047",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2007-6745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-6745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/29/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2007-6745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-6745"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-26 18:30
Modified
2024-11-21 01:14
Severity ?
Summary
The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C54DF556-823D-4676-9A5B-C16B3D900EE2",
"versionEndIncluding": "0.96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length."
},
{
"lang": "es",
"value": "La funci\u00f3n cli_pdf en libclamav/pdf.c en ClamAV anterior v0.96.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un archivo PDF manipulado, relacionado con una inconsistencia en la longitud de cadena calculada y la longuitud real de la cadena. \r\n"
}
],
"id": "CVE-2010-1639",
"lastModified": "2024-11-21T01:14:51.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-05-26T18:30:01.797",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39895"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/43752"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/40317"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1024017"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055771.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055777.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-03 18:59
Modified
2024-11-21 02:46
Severity ?
Summary
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EBFCFC-258F-4434-A130-09B40727899E",
"versionEndIncluding": "0.99.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file."
},
{
"lang": "es",
"value": "ClamAV (tambi\u00e9n conocido como Clam AntiVirus) en versiones anteriores a 0.99.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo 7z manipulado."
}
],
"id": "CVE-2016-1372",
"lastModified": "2024-11-21T02:46:17.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-03T18:59:03.797",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93221"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-27 09:29
Modified
2024-11-21 03:37
Severity ?
Summary
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "854F8DE4-3478-421D-9512-7D321291B001",
"versionEndIncluding": "0.99.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400."
},
{
"lang": "es",
"value": "clamscan en ClamAV, en versiones anteriores a la 0.99.4, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas al gestionar los archivos Portable Document Format (.pdf) enviados a un dispositivo afectado. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando un archivo .pdf manipulado a un dispositivo afectado. Esta acci\u00f3n podr\u00eda provocar una lectura fuera de l\u00edmites cuando ClamAV escanea el archivo malicioso, lo que permitir\u00eda que el atacante provocase un DoS. Esto afecta a pdf_parse_array y pdf_parse_string en libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400."
}
],
"id": "CVE-2018-0202",
"lastModified": "2024-11-21T03:37:43.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-27T09:29:00.387",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11973"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11980"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3592-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11942 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11942 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas al gestionar los archivos Portable Document Format (.pdf) enviados a un dispositivo afectado. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando un archivo .pdf manipulado a un dispositivo afectado. Esta acci\u00f3n podr\u00eda provocar un desbordamiento de b\u00fafer en handle_pdfname (en pdf.c) cuando ClamAV escanea el archivo malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS o ejecute c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-12376",
"lastModified": "2024-11-21T03:09:24.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.427",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11942"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 17:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "27ADFD65-7F57-461B-AD74-FF8F7950B5E1",
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA3B921-70F0-455E-84F0-EA08498AEB4D",
"versionEndIncluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "2D18B72E-A39C-4355-880C-D8F56F69DEC1",
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "7EB9082D-A730-4BC0-A7C3-FD41C9B90C62",
"versionEndExcluding": "1.17.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "941865DD-D900-4FF7-B94B-8A4849653E01",
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E65C72-96CF-445D-9A4C-ED82ED79882E",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "30810C03-D9F9-4CD2-B276-11E9302F245C",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
},
{
"lang": "es",
"value": "El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos CHM de Clam AntiVirus (ClamAV) versiones 0.104.0 hasta 0.104.2 y LTS versi\u00f3n 0.103.5 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Para una descripci\u00f3n de esta vulnerabilidad, vea el blog de ClamAV. Este aviso ser\u00e1 actualizado a medida que est\u00e9 disponible informaci\u00f3n adicional"
}
],
"id": "CVE-2022-20770",
"lastModified": "2024-11-21T06:43:31.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T17:15:08.377",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-26 18:30
Modified
2024-11-21 01:14
Severity ?
Summary
Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling."
},
{
"lang": "es",
"value": "Error de superaci\u00f3n de l\u00edmite (Off-by-one) en la funci\u00f3n parseicon en libclamav/pe_icons.c in ClamAV v0.96 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un icono manipulado PE que lanza una lectura fuera de l\u00edmites, relacionado con un redondeo inadecuado durante el escalado. \r\n"
}
],
"id": "CVE-2010-1640",
"lastModified": "2024-11-21T01:14:51.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-26T18:30:01.827",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1"
},
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39895"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/40318"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blobdiff%3Bf=libclamav/pe_icons.c%3Bh=3f1bc5be69d0f9d84e576814d1a3cc6f40c4ff2c%3Bhp=39a714f05968f9e929576bf171dd0eb58bf06bef%3Bhb=7f0e3bbf77382d9782e0189bf80f5f59a95779b3%3Bhpb=f0eb394501ec21b9fe67f36cbf5db788711d4236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/05/21/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2031"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-17 18:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "382C1E36-4A39-45D3-B23B-425A4B0284AD",
"versionEndExcluding": "0.104.3",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
}
],
"id": "CVE-2022-20803",
"lastModified": "2024-11-21T06:43:35.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-17T18:15:11.740",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-06 04:15
Modified
2024-11-21 00:27
Severity ?
Summary
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2007-0899 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2007-0899 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A084E6-729D-4CD6-B0C9-B22489020C9A",
"versionEndExcluding": "0.100.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a possible heap overflow in libclamav/fsg.c before 0.100.0."
},
{
"lang": "es",
"value": "Existe un posible desbordamiento de la pila en el archivo libclamav/fsg.c versiones anteriores a la versi\u00f3n 0.100.0."
}
],
"id": "CVE-2007-0899",
"lastModified": "2024-11-21T00:27:00.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-06T04:15:10.163",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-0899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2007-0899"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-08 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149 | Issue Tracking, Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168 | Issue Tracking, Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBBAEE7-0000-41B3-A6FA-2BF16974BB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B95B689C-B764-4C6A-A83D-9F9F44451681",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de escaneo del Formato de Documento Port\u00e1til (PDF) de las versiones 0.101.1 y 0.101.0 del software Clam AntiVirus (ClamAV), podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a la falta de mecanismos apropiados de manejo de datos dentro del b\u00fafer del dispositivo cuando se indexan los datos de archivo restantes en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo archivos PDF creados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n de lectura fuera de l\u00edmites, resultando en un bloqueo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado."
}
],
"id": "CVE-2019-1786",
"lastModified": "2024-11-21T04:37:22.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-08T19:29:05.480",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-14 06:15
Modified
2024-11-21 06:43
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 20.04 | |
| canonical | ubuntu_linux | 20.10 | |
| canonical | ubuntu_linux | 21.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "C04A315F-E440-4760-8208-FA8FFF30368A",
"versionEndExcluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E51033D-0691-499E-9279-C5C15CD498DF",
"versionEndExcluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E9B9B-ADDB-4D2F-A857-685BD30CE856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "338B3AAC-C147-4A31-95E7-6E8A6FB4B3FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF1C1CC-3FAE-4DE3-BC41-E5B14D5721F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de OOXML en el software Clam AntiVirus (ClamAV) versi\u00f3n 0.104.1 y LTS versiones 0.103.4 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a comprobaciones inapropiadas que pueden resultar en una lectura de un puntero no v\u00e1lido. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un archivo OOXML dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar el bloqueo del proceso de escaneo de ClamAV, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2022-20698",
"lastModified": "2024-11-21T06:43:21.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-14T06:15:09.570",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 17:15
Modified
2024-11-21 06:43
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "27ADFD65-7F57-461B-AD74-FF8F7950B5E1",
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA3B921-70F0-455E-84F0-EA08498AEB4D",
"versionEndIncluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "2D18B72E-A39C-4355-880C-D8F56F69DEC1",
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "7EB9082D-A730-4BC0-A7C3-FD41C9B90C62",
"versionEndExcluding": "1.17.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "941865DD-D900-4FF7-B94B-8A4849653E01",
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E65C72-96CF-445D-9A4C-ED82ED79882E",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "30810C03-D9F9-4CD2-B276-11E9302F245C",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
},
{
"lang": "es",
"value": "El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos TIFF de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versi\u00f3n 0.103.5 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Para una descripci\u00f3n de esta vulnerabilidad, vea el blog de ClamAV. Este aviso ser\u00e1 actualizado a medida que est\u00e9 disponible informaci\u00f3n adicional"
}
],
"id": "CVE-2022-20771",
"lastModified": "2024-11-21T06:43:31.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T17:15:08.440",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-19 15:15
Modified
2024-11-21 05:58
Severity ?
Summary
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://advisories.stormshield.eu/2021-003/ | Broken Link, Vendor Advisory | |
| cve@mitre.org | https://blog.clamav.net/2021/02/clamav-01031-patch-release.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://advisories.stormshield.eu/2021-003/ | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2021/02/clamav-01031-patch-release.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netasq_project | netasq | * | |
| stormshield | stormshield_network_security | * | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netasq_project:netasq:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9706560E-DD3E-45D1-895C-5EE59C7DFB3C",
"versionEndIncluding": "9.1.11",
"versionStartIncluding": "9.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20C1A2CD-7802-4497-B87D-8D49506B7BCB",
"versionEndIncluding": "4.2.0",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22A4DD0B-BD39-4BC7-BB23-114AFC9C2FAD",
"versionEndIncluding": "0.103.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1."
},
{
"lang": "es",
"value": "El componente ClamAV Engine (versi\u00f3n 0.103.1 e inferior) incrustado en Storsmshield Network Security (SNS) est\u00e1 sujeto a DoS en caso de analizar archivos png malformados. Esto afecta a las versiones 9.1.0 a 9.1.11 de Netasq y a las versiones 1.0.0 a 4.2.0 de SNS. Este problema se ha solucionado en SNS versiones 3.7.19, 3.11.7 y 4.2.1."
}
],
"id": "CVE-2021-27506",
"lastModified": "2024-11-21T05:58:07.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-19T15:15:12.650",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://advisories.stormshield.eu/2021-003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://advisories.stormshield.eu/2021-003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/02/clamav-01031-patch-release.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Comodo Antivirus versi\u00f3n 7424, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, F-Prot Antivirus versi\u00f3n 4.6.2.117, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, Fortinet Antivirus versi\u00f3n 4.2.254.0, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12, nProtect antivirus versi\u00f3n 2011-01-17.01, Panda Antivirus versi\u00f3n 10.0.2.7, PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, Sophos Anti-Virus versi\u00f3n 4.61.0, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0, permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud correspondiente a toda la entrada, adem\u00e1s de parte del encabezado de la siguiente entrada. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1459",
"lastModified": "2024-11-21T01:37:02.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80390"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-18 20:29
Modified
2024-11-21 03:07
Severity ?
Summary
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libmspack_project | libmspack | 0.5 | |
| clamav | clamav | 0.99.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libmspack_project:libmspack:0.5:alpha:*:*:*:*:*:*",
"matchCriteriaId": "986DA387-2AD7-4B4B-9153-FAAC30954623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5643323C-F44D-4F04-A710-D25EA28D301F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file."
},
{
"lang": "es",
"value": "La funci\u00f3n cabd_read_string en el archivo mspack/cabd.c en libmspack versi\u00f3n 0.5alpha, tal como se usa en ClamAV versi\u00f3n 0.99.2 y otros productos, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (exceso lectura del b\u00fafer en la regi\u00f3n stack de la memoria y bloqueo de aplicaci\u00f3n) por medio de un archivo CAB creado."
}
],
"id": "CVE-2017-11423",
"lastModified": "2024-11-21T03:07:45.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-18T20:29:00.263",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11873"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:26
Severity ?
Summary
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E1E6F8-6DF9-477D-9D4D-AFF6E74835D7",
"versionEndIncluding": "0.98.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file."
},
{
"lang": "es",
"value": "El decodificador upx en ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero manipulado."
}
],
"id": "CVE-2015-2170",
"lastModified": "2024-11-21T02:26:54.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-12T19:59:09.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-03 16:59
Modified
2024-11-21 02:25
Severity ?
Summary
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8810B2-4530-4831-A900-02BD21DA7F54",
"versionEndIncluding": "0.98.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an \"incorrect compiler optimization.\""
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero de empaquetador \u0027petite\u0027 (petite packer) manipulado, relacionado con una \u0027optimizaci\u00f3n del compilador incorrecta.\u0027"
}
],
"id": "CVE-2015-1463",
"lastModified": "2024-11-21T02:25:28.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-03T16:59:34.937",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-15 17:29
Modified
2024-11-21 03:50
Severity ?
Summary
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614102C4-FC5F-46B0-B7FF-F9215CDCF4E1",
"versionEndExcluding": "0.100.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the \"unmew11()\" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las versiones anteriores a la 0.100.2 de ClamAV podr\u00eda permitir que un atacante provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un error relacionado con el desempaquetador MEW en la funci\u00f3n \"unmew11()\" en libclamav/mew.c, que podr\u00eda explicarse para desencadenar un acceso inv\u00e1lido de lectura a la memoria mediante un archivo EXE especialmente manipulado."
}
],
"id": "CVE-2018-15378",
"lastModified": "2024-11-21T03:50:39.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-15T17:29:00.677",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3789-1/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3789-2/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3789-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3789-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:src2:*:*:*:*:*:*",
"matchCriteriaId": "6D8C3234-5194-4E3B-8503-526CB99E0E4C",
"versionEndIncluding": "0.95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8_:rc3:*:*:*:*:*:*",
"matchCriteriaId": "61ABEE1A-AABB-47D3-941D-81DCB198DC0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAD151A-2494-41A5-9FDB-CE0082333FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC10D578-B4C4-48A3-ADB6-09BEFEB440E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4A3CF4-5295-47B5-8CC6-BD5B07C6618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "E28D6C24-5BF9-496D-AA74-28A5D1455225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D90B7512-74E3-4578-9473-1C8B1759B933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "52584216-2921-4299-AC4E-2118EA72997B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEC1A194-C333-4AAC-AE23-9ADEFFAA6377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "61F0A16A-4B50-4CF0-B857-3BAC06CDD54E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "30CD371C-7B08-4A4B-AEB7-AC6BD199EE15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBFE202-86D7-4AE3-AC5B-0902B5FEF18A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBB0CE5-C6E7-469D-B3E4-1AB7FF677DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B28501-9959-41D4-AA04-70706792611E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "5511BAA8-2BA1-45C2-A4FB-6B8285CE62DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91_rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "A756F525-1527-49FB-B045-9709FA957836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n cli_url_canon en libclamav/phishcheck.c en ClamAV antes de 0.95.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una URL manipulada."
}
],
"id": "CVE-2009-1372",
"lastModified": "2024-11-21T01:02:19.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T15:30:00.577",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/53603"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34612"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34446"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/53603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.clamav.net/websvn/filedetails.php?repname=clamav-devel\u0026path=%2Ftrunk%2FChangeLog\u0026rev=5032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 09:15
Modified
2024-11-21 06:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30AC5889-743E-433E-97A7-2657A1F5C273",
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA3B921-70F0-455E-84F0-EA08498AEB4D",
"versionEndIncluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo regex usado por el m\u00f3dulo de carga de la base de datos de firmas de Clam AntiVirus (ClamAV) versiones 0.104.0 hasta 0.104.2 y LTS versiones 0.103.5 y anteriores, podr\u00eda permitir a un atacante local autenticado bloquear ClamAV en el momento de la carga de la base de datos, y posiblemente obtener una ejecuci\u00f3n de c\u00f3digo. La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de l\u00edmites que puede resultar en una escritura de desbordamiento del b\u00fafer de la pila de varios bytes. Un atacante podr\u00eda explotar esta vulnerabilidad al colocar un archivo de base de datos de firmas CDB ClamAV dise\u00f1ado en el directorio de la base de datos de ClamAV. Una explotaci\u00f3n podr\u00eda permitir al atacante ejecutar c\u00f3digo como el usuario clamav"
}
],
"id": "CVE-2022-20792",
"lastModified": "2024-11-21T06:43:33.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T09:15:08.197",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-08 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=12284 | Issue Tracking, Third Party Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=12284 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBBAEE7-0000-41B3-A6FA-2BF16974BB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B95B689C-B764-4C6A-A83D-9F9F44451681",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de an\u00e1lisis de archivos RAR del software Clam AntiVirus (ClamAV) versiones 0.101.1 y 0.101.0 podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a la falta de mecanismos apropiados de manejo de errores al procesar archivos RAR anidados enviados a un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo RAR creado a un dispositivo afectado. Una vulnerabilidad podr\u00eda permitir al atacante ver o crear archivos arbitrarios en el sistema de destino."
}
],
"id": "CVE-2019-1785",
"lastModified": "2024-11-21T04:37:22.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-08T19:29:05.433",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-07-02 10:30
Modified
2024-11-21 00:57
Severity ?
Summary
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E71D5324-4A45-4428-A0AE-0270C9A9DBE5",
"versionEndIncluding": "0.93.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file."
},
{
"lang": "es",
"value": "La caracter\u00edstica de descompresi\u00f3n en ClamAV v0.93.3 y anteriores permite a los atacantes remotos causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) a trav\u00e9s de un archivo LZH corrupto."
}
],
"id": "CVE-2008-6845",
"lastModified": "2024-11-21T00:57:36.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-02T10:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/51963"
},
{
"source": "cve@mitre.org",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499078/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499078/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32752"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-03 18:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "313364AD-2D04-4292-932A-33CC851EA16E",
"versionEndExcluding": "0.95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive."
},
{
"lang": "es",
"value": "Vulnerabilidad inespec\u00edfica en ClamAV en versiones anteriores a v0.95 lo que permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo RAR modificado."
}
],
"id": "CVE-2009-1241",
"lastModified": "2024-11-21T01:01:59.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-03T18:30:00.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/502366/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34344"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/502366/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2009/0934"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-05 11:02
Modified
2024-11-21 00:02
Severity ?
Summary
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC49FEEA-FB10-457F-9277-19A75F30D3B5",
"versionEndIncluding": "0.87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length."
}
],
"id": "CVE-2005-3501",
"lastModified": "2024-11-21T00:02:02.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-11-05T11:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17184"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17434"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17451"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17501"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17559"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/150"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015154"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368319"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2005/dsa-887"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=334\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:205"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20484"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15317"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=368319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=334\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2294"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-07 13:53
Modified
2024-11-21 01:20
Severity ?
Summary
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A395C07-9953-44C1-A16E-0DF2229E0855",
"versionEndIncluding": "0.96.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) \"bb #2358\" and (2) \"bb #2396.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en pdf.c en libclamav en ClamAV, en versiones anteriores a la 0.96.5, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento PDF manipulado, tambi\u00e9n conocido como (1) \"bb #2358\" y (2) \"bb #2396.\""
}
],
"id": "CVE-2010-4260",
"lastModified": "2024-11-21T01:20:33.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-07T13:53:29.677",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42523"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "secalert@redhat.com",
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2396"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-16 17:29
Modified
2024-11-21 03:38
Severity ?
Summary
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securitytracker.com/id/1041367 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html | Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041367 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201904-12 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8520A23A-53E5-4D3B-BF38-05F54E1FA66D",
"versionEndExcluding": "0.100.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file."
},
{
"lang": "es",
"value": "ClamAV en versiones anteriores a la 0.100.1 carece de una comprobaci\u00f3n de longitud de objeto, lo que resulta en un tiempo demasiado largo para analizar un archivo relativamente peque\u00f1o."
}
],
"id": "CVE-2018-0361",
"lastModified": "2024-11-21T03:38:03.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-16T17:29:00.330",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11944 | Exploit, Issue Tracking, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11944 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in the message parsing function on an affected system. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a messageAddArgument (in message.c) buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition or execute arbitrary code on an affected device."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas en la funci\u00f3n de an\u00e1lisis de mensajes en un dispositivo afectado. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando un email manipulado a un dispositivo afectado. Esta acci\u00f3n podr\u00eda provocar una condici\u00f3n de desbordamiento de b\u00fafer en messageAddArgument (en message.c) cuando ClamAV escanea el email malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS o ejecute c\u00f3digo arbitrario en un dispositivo afectado."
}
],
"id": "CVE-2017-12379",
"lastModified": "2024-11-21T03:09:25.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.613",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11944"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-07 03:29
Modified
2024-11-21 03:29
Severity ?
Summary
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libmspack_project | libmspack | 0.5 | |
| clamav | clamav | 0.99.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libmspack_project:libmspack:0.5:alpha:*:*:*:*:*:*",
"matchCriteriaId": "986DA387-2AD7-4B4B-9153-FAAC30954623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5643323C-F44D-4F04-A710-D25EA28D301F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file."
},
{
"lang": "es",
"value": "mspack/lzxd.c en libmspack 0.5alpha, como se utiliza en la versi\u00f3n 0.99.2 de ClamAV permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica y ca\u00edda de la aplicaci\u00f3n) o posiblemente, tener otro impacto no especificado utilizando un archivo CHM manipulado."
}
],
"id": "CVE-2017-6419",
"lastModified": "2024-11-21T03:29:44.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T03:29:00.277",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11701"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-11 01:13
Modified
2024-11-21 00:50
Severity ?
Summary
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E71D5324-4A45-4428-A0AE-0270C9A9DBE5",
"versionEndIncluding": "0.93.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the \"error path\" in (1) libclamav/others.c and (2) libclamav/sis.c."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades sin especificar en ClamAV anterior a 0.94 tiene un impacto y vectores desconocidos relacionado con el filtrado del descriptor de archivos sobre el \"error_path\" en (1)libclamav/others.c y (2) libclamav/sis.c."
}
],
"id": "CVE-2008-3914",
"lastModified": "2024-11-21T00:50:27.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T01:13:41.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45058"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 17:15
Modified
2024-11-21 06:43
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | * | |
| clamav | clamav | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88C4C7F2-497A-44A1-80C2-E11A916767EF",
"versionEndExcluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "27ADFD65-7F57-461B-AD74-FF8F7950B5E1",
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E51033D-0691-499E-9279-C5C15CD498DF",
"versionEndExcluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "2D18B72E-A39C-4355-880C-D8F56F69DEC1",
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "7EB9082D-A730-4BC0-A7C3-FD41C9B90C62",
"versionEndExcluding": "1.17.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "941865DD-D900-4FF7-B94B-8A4849653E01",
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E65C72-96CF-445D-9A4C-ED82ED79882E",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "30810C03-D9F9-4CD2-B276-11E9302F245C",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available."
},
{
"lang": "es",
"value": "El 20 de abril de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en el analizador de archivos HTML de Clam AntiVirus (ClamAV) versiones 0.104.0 a 0.104.2 y LTS versi\u00f3n 0.103.5 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Para una descripci\u00f3n de esta vulnerabilidad, vea el blog de ClamAV. Este aviso ser\u00e1 actualizado a medida que se disponga de informaci\u00f3n adicional"
}
],
"id": "CVE-2022-20785",
"lastModified": "2024-11-21T06:43:33.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T17:15:08.680",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11946 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11946 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas de archivos .tar (Tape Archive) enviados a un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda provocar una sobrelectura de b\u00fafer basada en suma de verificaci\u00f3n cuando ClamAV escanea el archivo .tar malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS en el dispositivo afectado."
}
],
"id": "CVE-2017-12378",
"lastModified": "2024-11-21T03:09:25.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.550",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11946"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-11 01:13
Modified
2024-11-21 00:50
Severity ?
Summary
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E80C5B4C-3ED8-41B2-85CE-60CC51C51B13",
"versionEndExcluding": "0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to \"error handling logic\"."
},
{
"lang": "es",
"value": "M\u00faltiples fugas de memoria en freshclam/manager.c de ClamAV versiones anteriores a 0.94 puede permitir a atacantes provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de vectores no especificados relacionados con \"una ruta err\u00f3nea\"."
}
],
"id": "CVE-2008-3913",
"lastModified": "2024-11-21T00:50:27.690",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T01:13:41.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-22.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-18.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=86638\u0026release_id=623661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/04/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-03 16:59
Modified
2024-11-21 02:20
Severity ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8810B2-4530-4831-A900-02BD21DA7F54",
"versionEndIncluding": "0.98.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\""
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un fichero de desempaquetar el empaquetador (upack packer) manipulado, relacionado con una \u0027condici\u00f3n de memoria din\u00e1mica fuera de rango.\u0027"
}
],
"id": "CVE-2014-9328",
"lastModified": "2024-11-21T02:20:37.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-03T16:59:02.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62757"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72372"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-05 21:55
Modified
2024-11-21 01:28
Severity ?
Summary
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3070D00E-F970-418A-9806-120FEF9B8F59",
"versionEndIncluding": "0.97.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46B894DD-4E46-445D-8907-BD2B01B9672D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:*:*:*:*:*:*:*",
"matchCriteriaId": "97DC1A6E-1635-4A05-93F9-B9344C1B1D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:rc:*:*:*:*:*:*",
"matchCriteriaId": "B7B62305-E285-4471-9D75-64421751E370",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations."
},
{
"lang": "es",
"value": "Error \"off-by-one\" (desbordamiento en un elemento del array) en la funci\u00f3n cli_hm_scan de matcher-hash.c de libclamav de ClamAV en versiones anteriores a la 0.97.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de un correo electr\u00f3nico que no es apropiadamente manejado durante determinados c\u00e1lculos de hash."
}
],
"id": "CVE-2011-2721",
"lastModified": "2024-11-21T01:28:49.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-05T21:55:08.843",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2"
},
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45382"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46717"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025858"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:122"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/13"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/74181"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/48891"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1179-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=708263"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725694"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68785"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2011/07/26/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/74181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1179-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=708263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| alwil | avast_antivirus | 4.8.1351.0 | |
| alwil | avast_antivirus | 5.0.677.0 | |
| anti-virus | vba32 | 3.12.14.2 | |
| antiy | avl_sdk | 2.0.3.7 | |
| authentium | command_antivirus | 5.2.11.5 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| avira | antivir | 7.11.1.163 | |
| bitdefender | bitdefender | 7.2 | |
| cat | quick_heal | 11.00 | |
| clamav | clamav | 0.96.4 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| gdata-software | g_data_antivirus | 21 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| k7computing | antivirus | 9.77.3565 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| microsoft | security_essentials | 2.0 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| pc_tools | pc_tools_antivirus | 7.0.3.5 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 | |
| virusbuster | virusbuster | 13.6.151.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, eSafe versi\u00f3n 7.0.17.0, F-Prot antivirus versi\u00f3n 4.6.2.117, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12 , PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0 , permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud que supera el tama\u00f1o total del archivo TAR. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1457",
"lastModified": "2024-11-21T01:37:01.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.287",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 15:15
Modified
2024-11-21 02:00
Severity ?
Summary
ClamAV before 0.97.7: dbg_printhex possible information leak
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201405-08.xml | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2013/12/13/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2013-7089 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201405-08.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/12/13/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-7089 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 17 | |
| fedoraproject | fedora | 18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "460B3C9B-2306-4765-BD03-C9EA81F01372",
"versionEndExcluding": "0.97.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7: dbg_printhex possible information leak"
},
{
"lang": "es",
"value": "ClamAV versiones anteriores a la versi\u00f3n 0.97.7: posible fuga de informaci\u00f3n de la funci\u00f3n dbg_printhex."
}
],
"id": "CVE-2013-7089",
"lastModified": "2024-11-21T02:00:19.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T15:15:11.700",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7089"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-03 16:59
Modified
2024-11-21 02:25
Severity ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8810B2-4530-4831-A900-02BD21DA7F54",
"versionEndIncluding": "0.98.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a \"heap out of bounds condition.\""
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un fichero de empaquetador upx manipulado, relacionado con una \u0027condici\u00f3n de memoria din\u00e1mica fuera de rango.\u0027"
}
],
"id": "CVE-2015-1462",
"lastModified": "2024-11-21T02:25:28.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-03T16:59:34.093",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:27
Severity ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E1E6F8-6DF9-477D-9D4D-AFF6E74835D7",
"versionEndIncluding": "0.98.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E0D7C3-E368-4F6C-AA67-8E066BB35654",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file."
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un fichero cryptor y0da manipulado."
}
],
"id": "CVE-2015-2221",
"lastModified": "2024-11-21T02:27:01.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-12T19:59:12.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-16 17:29
Modified
2024-11-21 03:38
Severity ?
Summary
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8520A23A-53E5-4D3B-BF38-05F54E1FA66D",
"versionEndExcluding": "0.100.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."
},
{
"lang": "es",
"value": "ClamAV en versiones anteriores a la 0.100.1 tiene un desbordamiento de enteros HWP con un bucle infinito resultante mediante un archivo Hangul Word Processor manipulado. Esto es en parsehwp3_paragraph() en libclamav/hwp.c."
}
],
"id": "CVE-2018-0360",
"lastModified": "2024-11-21T03:38:03.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-16T17:29:00.283",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3722-1/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3722-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3722-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3722-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-01 15:59
Modified
2024-11-21 02:20
Severity ?
Summary
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB90B433-1628-4D60-A48B-FBA140542E0A",
"versionEndIncluding": "0.94.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
},
{
"lang": "es",
"value": "El desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versi\u00f3n 0.98.5, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo y0da Crypter PE dise\u00f1ado."
}
],
"id": "CVE-2014-9050",
"lastModified": "2024-11-21T02:20:10.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-01T15:59:10.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62542"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-05 19:15
Modified
2024-11-21 04:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "711C76B2-40D9-4062-AC2A-44DF21F86808",
"versionEndExcluding": "0.101.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking."
},
{
"lang": "es",
"value": "Las versiones anteriores a la versi\u00f3n 0.101.2 de ClamAV, son susceptibles a una vulnerabilidad de denegaci\u00f3n de servicio (DoS). Una condici\u00f3n de lectura de la pila fuera de l\u00edmites puede presentarse al escanear archivos PE. Un ejemplo son los archivos EXE y DLL de Windows que han sido empaquetados con Aspack como un resultado de la comprobaci\u00f3n inadecuada de l\u00edmites."
}
],
"id": "CVE-2019-1789",
"lastModified": "2024-11-21T04:37:23.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-05T19:15:11.323",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-08 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08665A0F-6D95-4546-BAA9-B4E1335E2056",
"versionEndIncluding": "0.101.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de escaneo del PDF (Portable Document Format) en las versiones de software 0.101.1 y anteriores de Clam AntiVirus (ClamAV), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a la falta de mecanismos adecuados para el manejo de datos dentro del b\u00fafer del dispositivo, mientras se indexan los datos de archivo restantes en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando archivos PDF creados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante causar una condici\u00f3n de lectura de b\u00fafer fuera de l\u00edmites, resultando en un cierre inesperado que podr\u00eda causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado."
}
],
"id": "CVE-2019-1787",
"lastModified": "2024-11-21T04:37:22.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-08T19:29:05.540",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-08 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08665A0F-6D95-4546-BAA9-B4E1335E2056",
"versionEndIncluding": "0.101.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Object Linking \u0026 Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de an\u00e1lisis de archivos Object Linking \u0026 Embedding (OLE2) de las versiones 0.101.1 y anteriores del software Clam AntiVirus (ClamAV) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad se debe a la falta de mecanismos adecuados de comprobaci\u00f3n de entrada y validaci\u00f3n de los archivos OLE2 enviados a un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando archivos OLE2 malformados al dispositivo que ejecuta una versi\u00f3n afectada de ClamAV Software. Un exploit podr\u00eda permitir al atacante causar una condici\u00f3n de escritura fuera de l\u00edmites, resultando en un fallo que podr\u00eda generar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado."
}
],
"id": "CVE-2019-1788",
"lastModified": "2024-11-21T04:37:22.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-08T20:29:11.063",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201904-12"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-13 23:55
Modified
2024-11-21 01:50
Severity ?
Summary
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "71A5DC34-0211-4CCC-BBF1-8A8EB759BACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "7B607D3E-C3E0-41C5-B8A1-4A5CD0BD3FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "839CC519-E08F-4E58-90DA-9CE1AEF2C296",
"versionEndIncluding": "0.97.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46B894DD-4E46-445D-8907-BD2B01B9672D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:*:*:*:*:*:*:*",
"matchCriteriaId": "97DC1A6E-1635-4A05-93F9-B9344C1B1D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:rc:*:*:*:*:*:*",
"matchCriteriaId": "B7B62305-E285-4471-9D75-64421751E370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8D5471-BED3-4411-83B8-DBBC8A67A3D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.2:*:*:*:*:*:*:*",
"matchCriteriaId": "290AE73B-C2E9-43B7-8D28-9EE22BFF66C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0A5703-477B-4967-85D5-D479681C547F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96C838E8-2798-4E00-BF63-642E99648630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0E6887-2440-457F-B27B-53A3823E940F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n cli_scanpe en pe.c en ClamAV anterior a v0.97.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un desplazamiento mayor que el tama\u00f1o de las secciones PE en un paquete ejecutable UPX, que dispara un error de salida de rango en la lectura."
}
],
"evaluatorImpact": "Per http://www.ubuntu.com/usn/USN-1816-1/\n\"A security issue affects these releases of Ubuntu and its derivatives:\n\n Ubuntu 13.04\n Ubuntu 12.10\n Ubuntu 12.04 LTS\n Ubuntu 11.10\n Ubuntu 10.04 LTS\"",
"id": "CVE-2013-2020",
"lastModified": "2024-11-21T01:50:52.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-13T23:55:02.243",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53150"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53182"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5892"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7055"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/vrtadmin/clamav-devel/commit/270e368b99e93aa5447d46c797c92c3f9f39f375"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 17:15
Modified
2024-11-21 06:43
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.103.4 | |
| clamav | clamav | 0.103.5 | |
| clamav | clamav | 0.104.1 | |
| clamav | clamav | 0.104.2 | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| cisco | secure_endpoint | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2C58DDEC-8869-4D04-88DA-B76E394E0C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E5521F-C8F7-4547-A441-E828F60F2C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.104.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E787093-A226-4CFB-9D3A-208FE9F085E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.104.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6585F37B-2DB2-407D-B801-2E54B95FFCAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "2D18B72E-A39C-4355-880C-D8F56F69DEC1",
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "7EB9082D-A730-4BC0-A7C3-FD41C9B90C62",
"versionEndExcluding": "1.17.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "941865DD-D900-4FF7-B94B-8A4849653E01",
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E65C72-96CF-445D-9A4C-ED82ED79882E",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "30810C03-D9F9-4CD2-B276-11E9302F245C",
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog."
},
{
"lang": "es",
"value": "El 4 de mayo de 2022, fue divulgada la siguiente vulnerabilidad en ClamAV scanning library versiones 0.103.5 y anteriores y 0.104.2 y anteriores: Una vulnerabilidad en versiones 0.103.4, 0.103.5, 0.104.1 y 0.104.2 de Clam AntiVirus (ClamAV) podr\u00eda permitir a un atacante local autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. Para una descripci\u00f3n de esta vulnerabilidad, vea el blog de ClamAV"
}
],
"id": "CVE-2022-20796",
"lastModified": "2024-11-21T06:43:34.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T17:15:08.797",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-822"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-08 05:15
Modified
2024-11-21 05:44
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/202104-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202104-07 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22A4DD0B-BD39-4BC7-BB23-114AFC9C2FAD",
"versionEndIncluding": "0.103.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de correo electr\u00f3nico del software Clam AntiVirus (ClamAV) versi\u00f3n 0.103.1 y todas las versiones anteriores podr\u00eda permitir a un atacante remoto no autenticado provocar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad se debe a una inicializaci\u00f3n incorrecta de las variables que puede dar lugar a la lectura de un puntero NULL. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un correo electr\u00f3nico manipulado a un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar la ca\u00edda del proceso de escaneo de ClamaV, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-1405",
"lastModified": "2024-11-21T05:44:16.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-08T05:15:13.347",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202104-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202104-07"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-01 15:59
Modified
2024-11-21 01:59
Severity ?
Summary
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "826640A3-34DB-47E0-A06B-597C282CF5DE",
"versionEndIncluding": "0.98.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file."
},
{
"lang": "es",
"value": "clamscan en ClamAV anterior a 0.98.5, cuando utiliza la opci\u00f3n -a, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) como fue demostrado por el fichero jwplayer.js."
}
],
"id": "CVE-2013-6497",
"lastModified": "2024-11-21T01:59:20.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-01T15:59:00.077",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60150"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/71178"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11088"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138101"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/11/19/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2488-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98804"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:27
Severity ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.1 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E0D7C3-E368-4F6C-AA67-8E066BB35654",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E1E6F8-6DF9-477D-9D4D-AFF6E74835D7",
"versionEndIncluding": "0.98.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file."
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero empaquetado con Petite manipulado."
}
],
"id": "CVE-2015-2222",
"lastModified": "2024-11-21T02:27:02.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-12T19:59:13.117",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-20 18:15
Modified
2024-11-21 05:31
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 20.04 | |
| debian | debian_linux | 9.0 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8AEC65-C35B-4C19-BEB7-FCA85075B78C",
"versionEndIncluding": "0.102.3",
"versionStartIncluding": "0.102.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de archivo EGG en Clam AntiVirus (ClamAV) Software versiones 0.102.0 - 0.102.3, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a una desreferencia del puntero null. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo EGG dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar el bloqueo del proceso de escaneo de ClamAV, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2020-3481",
"lastModified": "2024-11-21T05:31:09.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-20T18:15:12.420",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4435-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4435-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-03 16:59
Modified
2024-11-21 02:25
Severity ?
Summary
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8810B2-4530-4831-A900-02BD21DA7F54",
"versionEndIncluding": "0.98.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda\u0027s crypter or (2) mew packer file, related to a \"heap out of bounds condition.\""
},
{
"lang": "es",
"value": "ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un fichero de empaquetador (1) Yoda\u0027s crypter o (2) mew manipulado, relacionado con una \u0027condici\u00f3n de memoria din\u00e1mica fuera de rango.\u0027"
}
],
"id": "CVE-2015-1461",
"lastModified": "2024-11-21T02:25:28.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-03T16:59:33.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id/1031672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-13 23:55
Modified
2024-11-21 01:50
Severity ?
Summary
pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| clamav | clamav | 0.97.1 | |
| clamav | clamav | 0.97.2 | |
| clamav | clamav | 0.97.3 | |
| clamav | clamav | 0.97.4 | |
| clamav | clamav | 0.97.5 | |
| clamav | clamav | 0.97.6 | |
| clamav | clamav | 0.97.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "71A5DC34-0211-4CCC-BBF1-8A8EB759BACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "7B607D3E-C3E0-41C5-B8A1-4A5CD0BD3FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8D5471-BED3-4411-83B8-DBBC8A67A3D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.2:*:*:*:*:*:*:*",
"matchCriteriaId": "290AE73B-C2E9-43B7-8D28-9EE22BFF66C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0A5703-477B-4967-85D5-D479681C547F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96C838E8-2798-4E00-BF63-642E99648630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0E6887-2440-457F-B27B-53A3823E940F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECCD536-4323-4DFC-B662-C83F40690C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFD6F5B-D70E-4B9C-9D83-BBF34DD5AD57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file."
},
{
"lang": "es",
"value": "pdf.c en ClamAV v0.97.1 hasta v0.97.7 ermite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de limite) a trav\u00e9s de la modificaci\u00f3n de longitud en un fichero PDF cifrado."
}
],
"evaluatorImpact": "Per http://www.ubuntu.com/usn/USN-1816-1/\n\"A security issue affects these releases of Ubuntu and its derivatives:\n\n Ubuntu 13.04\n Ubuntu 12.10\n Ubuntu 12.04 LTS\n Ubuntu 11.10\n Ubuntu 10.04 LTS\"",
"id": "CVE-2013-2021",
"lastModified": "2024-11-21T01:50:52.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-13T23:55:02.277",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53150"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53182"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5892"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7053"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105575.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/53182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/29/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/59434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1816-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=7053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/vrtadmin/clamav-devel/commit/24ff855c82d3f5c62bc5788a5776cefbffce2971"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 15:15
Modified
2024-11-21 02:00
Severity ?
Summary
ClamAV before 0.97.7 has WWPack corrupt heap memory
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 17 | |
| fedoraproject | fedora | 18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "460B3C9B-2306-4765-BD03-C9EA81F01372",
"versionEndExcluding": "0.97.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7 has WWPack corrupt heap memory"
},
{
"lang": "es",
"value": "ClamAV versiones anteriores a la versi\u00f3n 0.97.7, tiene una memoria de la pila corrupta de WWPack."
}
],
"id": "CVE-2013-7087",
"lastModified": "2024-11-21T02:00:19.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T15:15:11.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/58546"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/58546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7087"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-09-04 22:15
Modified
2024-09-12 17:26
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Summary
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.
The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C21D8C4B-CEBE-422C-A103-B516EBCC34B6",
"versionEndExcluding": "0.103.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D3AF611-42CD-4EC8-9A2A-89AEC62A3D6E",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "0.104.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0EA13B-FFC9-4385-8691-38A90DCE774F",
"versionEndExcluding": "1.3.2",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F43F7-EF41-4CB7-A013-6A8F274F973D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de servicio ClamD de Clam AntiVirus (ClamAV) versiones 1.4.0, 1.3.2 y anteriores, todas las versiones 1.2.x, 1.0.6 y anteriores, todas las versiones 0.105.x, todas las versiones 0.104.x y 0.103.11 y anteriores podr\u00eda permitir que un atacante local autenticado corrompa archivos cr\u00edticos del sistema. La vulnerabilidad se debe a que permite que el proceso ClamD escriba en su archivo de registro mientras tiene privilegios sin comprobar si el archivo de registro ha sido reemplazado por un enlace simb\u00f3lico. Un atacante podr\u00eda aprovechar esta vulnerabilidad si reemplaza el archivo de registro de ClamD por un enlace simb\u00f3lico a un archivo cr\u00edtico del sistema y luego encuentra una forma de reiniciar el proceso ClamD. Una vulnerabilidad podr\u00eda permitir que el atacante corrompa un archivo cr\u00edtico del sistema a\u00f1adiendo mensajes de registro de ClamD despu\u00e9s del reinicio."
}
],
"id": "CVE-2024-20506",
"lastModified": "2024-09-12T17:26:37.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-04T22:15:04.083",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes"
],
"url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:27
Severity ?
Summary
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E1E6F8-6DF9-477D-9D4D-AFF6E74835D7",
"versionEndIncluding": "0.98.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E0D7C3-E368-4F6C-AA67-8E066BB35654",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file."
},
{
"lang": "es",
"value": "ClamAV en versiones anteriores a 0.98.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un fichero del archivo xz."
}
],
"id": "CVE-2015-2668",
"lastModified": "2024-11-21T02:27:48.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-12T19:59:15.930",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "cve@mitre.org",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74472"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201512-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-2594-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201512-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-14 21:19
Modified
2024-11-21 00:31
Severity ?
Summary
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 3.1 | |
| debian | debian_linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "404728DE-0BD0-474A-A520-F78293FC94E8",
"versionEndExcluding": "0.90.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file."
},
{
"lang": "es",
"value": "El analazidor sint\u00e1ctico OLE2 en Clam AntiVirus (ClamAV) permite a atacantes remotos provocar denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s de un archivo OLE2 con (1)un \ttama\u00f1o grande de la propiedad o (2) un bucle en la cadena del bloque del archivo del FAT que dispara un bucle infinito, como se demostr\u00f3 a trav\u00e9s de un archivo DOC manipulado."
}
],
"id": "CVE-2007-2650",
"lastModified": "2024-11-21T00:31:19.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-14T21:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-15.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25244"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25523"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25525"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25553"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25558"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25688"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25796"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-05.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1320"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:115"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2007_33_clamav.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24316"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0020/"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/1776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://kolab.org/security/kolab-vendor-notice-15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200706-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2007_33_clamav.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0020/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/1776"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.96.4 | |
| sophos | sophos_anti-virus | 4.61.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos CHM de Microsoft en ClamAV v0.96.4 y Sophos Anti-Virus v4.61.0 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un intervalo de restablecimiento manipulado en la cabecera LZXC de un archivo CHM. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador de CHM."
}
],
"id": "CVE-2012-1458",
"lastModified": "2024-11-21T01:37:01.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.317",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80473"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80474"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52611"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74301"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062 | Third Party Advisory | |
| ykramarz@cisco.com | https://security.gentoo.org/glsa/202003-46 | Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/4280-1/ | Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/4280-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202003-46 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4280-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4280-2/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | 0.102.0 | |
| clamav | clamav | 0.102.1 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38845FB7-5C4A-4E4F-81D2-F3338DEDC2BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.102.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2744536-CFF5-4A4E-867B-3BFCB3DF3BF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo Data-Loss-Prevention (DLP) en el software Clam AntiVirus (ClamAV) versiones 0.102.1 y 0.102.0, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio sobre un dispositivo afectado. La vulnerabilidad es debido a una lectura fuera de l\u00edmites afectando a usuarios que han habilitado la funcionalidad opcional DLP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo de correo electr\u00f3nico dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar el bloqueo del proceso de escaneo de ClamAV, resultando en una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"id": "CVE-2020-3123",
"lastModified": "2024-11-21T05:30:22.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T18:15:11.203",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4280-1/"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4280-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4280-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4280-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-07 13:53
Modified
2024-11-21 01:21
Severity ?
Summary
Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A395C07-9953-44C1-A16E-0DF2229E0855",
"versionEndIncluding": "0.96.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka \"bb #2380,\" a different vulnerability than CVE-2010-4260."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en pdf.c en libclamav en ClamAV antes de v0.96.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento PDF debidamente modificado. Se trata de una vulnerabilidad tambi\u00e9n conocida como \"BB # 2380,\". Es una vulnerabilidad diferente a CVE-2010-4260."
}
],
"id": "CVE-2010-4479",
"lastModified": "2024-11-21T01:21:02.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-07T13:53:30.100",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "cve@mitre.org",
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xorl.wordpress.com/2010/12/06/cve-2010-4260-clamav-multiple-pdf-vulnerabilities/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2380"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-03 18:59
Modified
2024-11-21 02:46
Severity ?
Summary
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EBFCFC-258F-4434-A130-09B40727899E",
"versionEndIncluding": "0.99.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable."
},
{
"lang": "es",
"value": "ClamAV (tambi\u00e9n conocido como Clam AntiVirus) en versiones anteriores a 0.99.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un ejecutable mew empaquetado manipulado."
}
],
"id": "CVE-2016-1371",
"lastModified": "2024-11-21T02:46:17.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-03T18:59:02.733",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93222"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3093-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-08 16:30
Modified
2024-11-21 00:57
Severity ?
Summary
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42BBC078-58AE-4792-BA8A-CEEF912E8F3E",
"versionEndIncluding": "0.94.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error."
},
{
"lang": "es",
"value": "libclamav/pe.c en ClamAV anteriores a v0.95 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un fichero manipulado que provoca un error de divisi\u00f3n por 0.\r\n"
}
],
"id": "CVE-2008-6680",
"lastModified": "2024-11-21T00:57:10.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-08T16:30:00.420",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34716"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34357"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49845"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2009/04/07/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-754-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-08 17:30
Modified
2024-11-21 01:14
Severity ?
Summary
The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B9F3E211-9E3F-4FDE-A777-B599EC67A1AB",
"versionEndIncluding": "0.96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamavs:clamav:0.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9538B256-D757-440F-9B26-F5562312678A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamavs:clamav:0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "66942C48-9D6A-4367-9808-7BE1AA1447A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "La funci\u00f3n qtm_decompress en libclamav/mspack.c en ClamAV anterior a v0.96, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo CAB manipulado que usa el formato de compresi\u00f3n Quantum (tambi\u00e9n conocido como .Q). NOTA: algunos de estos detalles han sido obtenidos a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2010-1311",
"lastModified": "2024-11-21T01:14:06.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-08T17:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39293"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39329"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"source": "cve@mitre.org",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/39262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-926-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1771"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cat | quick_heal | 11.00 | |
| clamav | clamav | 0.96.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en ClamAV 0.96.4 y Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo TAR POSIX con una secuencia de caracteres inicial [aliases]. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador TAR."
}
],
"id": "CVE-2012-1419",
"lastModified": "2024-11-21T01:36:56.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.097",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52572"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11940 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11940 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing functions (the rfc2047 function in mbox.c). An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted email to the affected device. This action could cause a buffer overflow condition when ClamAV scans the malicious email, allowing the attacker to potentially cause a DoS condition on an affected device."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a la falta de mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas durante ciertas funciones de an\u00e1lisis de email (la funci\u00f3n rfc2047 en mbox.c). Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando un email manipulado a un dispositivo afectado. Esta acci\u00f3n podr\u00eda provocar una condici\u00f3n de desbordamiento de b\u00fafer cuando ClamAV escanea el email malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS en un dispositivo afectado."
}
],
"id": "CVE-2017-12375",
"lastModified": "2024-11-21T03:09:24.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.363",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11940"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-07 13:53
Modified
2024-11-21 01:20
Severity ?
Summary
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A395C07-9953-44C1-A16E-0DF2229E0855",
"versionEndIncluding": "0.96.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Error Off-by-oneen en la funci\u00f3n icon_cb en pe_icons.c en libclamav en ClamAV anterior v0.96.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda memoria y ca\u00edda de aplicaci\u00f3n) o probablemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceras partes."
}
],
"id": "CVE-2010-4261",
"lastModified": "2024-11-21T01:20:34.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-07T13:53:29.710",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42523"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "secalert@redhat.com",
"url": "http://xorl.wordpress.com/2010/12/05/cve-2010-4261-clamav-icon_cb-off-by-one/"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "secalert@redhat.com",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2010/12/03/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1031-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xorl.wordpress.com/2010/12/05/cve-2010-4261-clamav-icon_cb-off-by-one/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2344"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-07 03:29
Modified
2024-11-21 03:29
Severity ?
Summary
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5643323C-F44D-4F04-A710-D25EA28D301F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression."
},
{
"lang": "es",
"value": "La funci\u00f3n wwunpack en libclamav/wwunpack.c en ClamAV 0.99.2 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (use-after-free) mediante un archivo PE manipulado con compresi\u00f3n WWPack."
}
],
"id": "CVE-2017-6420",
"lastModified": "2024-11-21T03:29:44.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T03:29:00.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11798"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-07 03:29
Modified
2024-11-21 03:29
Severity ?
Summary
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.99.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5643323C-F44D-4F04-A710-D25EA28D301F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message."
},
{
"lang": "es",
"value": "Libclamav/message.c en la versi\u00f3n 0.99.2 de ClamAV permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) utilizando un mensaje de correo electr\u00f3nico manipulado."
}
],
"id": "CVE-2017-6418",
"lastModified": "2024-11-21T03:29:44.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T03:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/100154"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11797"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201804-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/100154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201804-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-17 19:55
Modified
2024-11-21 01:30
Severity ?
Summary
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | 0.9 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90.1 | |
| clamav | clamav | 0.90.2 | |
| clamav | clamav | 0.90.3 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91.1 | |
| clamav | clamav | 0.91.2 | |
| clamav | clamav | 0.92 | |
| clamav | clamav | 0.92.1 | |
| clamav | clamav | 0.93 | |
| clamav | clamav | 0.93.1 | |
| clamav | clamav | 0.93.2 | |
| clamav | clamav | 0.93.3 | |
| clamav | clamav | 0.94 | |
| clamav | clamav | 0.94.1 | |
| clamav | clamav | 0.94.2 | |
| clamav | clamav | 0.95 | |
| clamav | clamav | 0.95 | |
| clamav | clamav | 0.95 | |
| clamav | clamav | 0.95 | |
| clamav | clamav | 0.95 | |
| clamav | clamav | 0.95.1 | |
| clamav | clamav | 0.95.2 | |
| clamav | clamav | 0.95.3 | |
| clamav | clamav | 0.96 | |
| clamav | clamav | 0.96 | |
| clamav | clamav | 0.96 | |
| clamav | clamav | 0.96.1 | |
| clamav | clamav | 0.96.2 | |
| clamav | clamav | 0.96.3 | |
| clamav | clamav | 0.96.4 | |
| clamav | clamav | 0.96.5 | |
| clamav | clamav | 0.97 | |
| clamav | clamav | 0.97 | |
| clamav | clamav | 0.97.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "346691FC-A61C-4B10-99AA-2106FDBAC519",
"versionEndIncluding": "0.97.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0BB8C6-F0A3-418F-A457-93A4CC5BB6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc1:*:*:*:*:*:*",
"matchCriteriaId": "65766FB2-392A-4F05-9259-C7B8D6CBDDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E74A119-A76A-47E5-AC5E-9DF700453B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src1:*:*:*:*:*:*",
"matchCriteriaId": "19A73FE2-2D4C-4B47-85C9-F8E3874992B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95:src2:*:*:*:*:*:*",
"matchCriteriaId": "7DB5B3F9-3A02-450D-A6F0-4C640209780B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3241AA52-40F4-49C0-8C04-08610B729E5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C55B1-1C05-4CDB-BFDE-D174F3C0434B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.95.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F59887C-77E2-4AEA-B7CD-A5A24F926D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "CB27B025-3957-4CBB-A985-0B757ECFFBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc1:*:*:*:*:*:*",
"matchCriteriaId": "609BF125-E8A9-4105-9FDE-5FFA9371736F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A037EC78-25BA-4CDC-8DF2-A7EF74489AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A612F05-2260-4924-AD4A-4502AEFFFEFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8FB2F-8080-4E5C-8BE8-3289717A5C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7829A6CE-0FD2-4F49-951D-27598C32B026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46B894DD-4E46-445D-8907-BD2B01B9672D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:*:*:*:*:*:*:*",
"matchCriteriaId": "97DC1A6E-1635-4A05-93F9-B9344C1B1D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97:rc:*:*:*:*:*:*",
"matchCriteriaId": "B7B62305-E285-4471-9D75-64421751E370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.97.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8D5471-BED3-4411-83B8-DBBC8A67A3D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to \"recursion level\" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c."
},
{
"lang": "es",
"value": "El motor de c\u00f3digo de bytes en ClamAV anterior a v0.97.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores relacionados con el \"nivel de recursividad\" y (1) libclamav / bytecode.c y (2) libclamav / bytecode_api.c."
}
],
"id": "CVE-2011-3627",
"lastModified": "2024-11-21T01:30:52.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-11-17T19:55:01.203",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46717"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46826"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/10/18/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50183"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1258-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/10/18/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1258-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=746984"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 15:15
Modified
2024-11-21 02:00
Severity ?
Summary
ClamAV before 0.97.7 has buffer overflow in the libclamav component
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 17 | |
| fedoraproject | fedora | 18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "460B3C9B-2306-4765-BD03-C9EA81F01372",
"versionEndExcluding": "0.97.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV before 0.97.7 has buffer overflow in the libclamav component"
},
{
"lang": "es",
"value": "ClamAV versiones anteriores a la versi\u00f3n 0.97.7, tiene un desbordamiento de b\u00fafer en el componente libclamav."
}
],
"id": "CVE-2013-7088",
"lastModified": "2024-11-21T02:00:19.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T15:15:11.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/58546"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201405-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/58546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7088"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11943 | Exploit, Issue Tracking, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11943 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas en archivos mew packet enviados a un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda provocar una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en mew.c cuando ClamAV escanea el archivo malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS o ejecute c\u00f3digo arbitrario en el dispositivo afectado."
}
],
"id": "CVE-2017-12377",
"lastModified": "2024-11-21T03:09:25.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.487",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-26 20:29
Modified
2024-11-21 03:09
Severity ?
Summary
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| ykramarz@cisco.com | https://bugzilla.clamav.net/show_bug.cgi?id=11939 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| ykramarz@cisco.com | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-1/ | ||
| ykramarz@cisco.com | https://usn.ubuntu.com/3550-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.clamav.net/show_bug.cgi?id=11939 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3550-2/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| clamav | clamav | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
"versionEndIncluding": "0.99.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail parsing operations (mbox.c operations on bounce messages). If successfully exploited, the ClamAV software could allow a variable pointing to the mail body which could cause a used after being free (use-after-free) instance which may lead to a disruption of services on an affected device to include a denial of service condition."
},
{
"lang": "es",
"value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a la falta de mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas durante ciertas operaciones de an\u00e1lisis de email (operaciones mbox.c en mensajes devueltos). Si se explota con \u00e9xito, ClamAV podr\u00eda permitir que una variable que se\u00f1ale al cuerpo del email provoque una instancia de uso de memoria previamente liberada (use-after-free). Esto podr\u00eda conducir a una interrupci\u00f3n de servicios en el dispositivo afectado para incluir una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2017-12374",
"lastModified": "2024-11-21T03:09:24.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-26T20:29:00.283",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11939"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "ykramarz@cisco.com",
"url": "https://usn.ubuntu.com/3550-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3550-2/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-202205-0220
Vulnerability from variot
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ========================================================================== Ubuntu Security Notice USN-5423-2 May 17, 2022
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5423-2 https://ubuntu.com/security/notices/USN-5423-1 CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01
https://security.gentoo.org/
Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01
Synopsis
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.
Background
ClamAV is a GPL virus scanner.
Affected packages
Package Vulnerable Unaffected
app-antivirus/clamav < 0.103.7 >= 0.103.7
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
References
[ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.16.3"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5.5"
},
{
"model": "clamav",
"scope": "lt",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.17.2"
},
{
"model": "clamav",
"scope": "gte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "secure endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "clamav",
"scope": "lt",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.2"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.2"
},
{
"model": "cisco secure endpoint",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "clamav",
"scope": null,
"trust": 0.8,
"vendor": "clamav",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.103.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.103.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
}
],
"trust": 0.2
},
"cve": "CVE-2022-20785",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20785",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-405338",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20785",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-20785",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20785",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-2063",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-405338",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-20785",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ==========================================================================\nUbuntu Security Notice USN-5423-2\nMay 17, 2022\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-5423-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. \n\n\nOriginal advisory details:\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing CHM files. \n A remote attacker could possibly use this issue to cause ClamAV to stop\n responding, resulting in a denial of service. (CVE-2022-20770)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing TIFF\n files. A remote attacker could possibly use this issue to cause ClamAV to\n stop responding, resulting in a denial of service. (CVE-2022-20771)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing HTML\n files. A remote attacker could possibly use this issue to cause ClamAV to\n consume resources, resulting in a denial of service. (CVE-2022-20785)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled loading the\n signature database. A remote attacker could possibly use this issue to\n cause ClamAV to crash, resulting in a denial of service, or possibly\n execute arbitrary code. (CVE-2022-20792)\n\n Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly\n handled the scan verdict cache check. A remote attacker could possibly use\n this issue to cause ClamAV to crash, resulting in a denial of service, or\n possibly execute arbitrary code.(CVE-2022-20796)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1\n\nUbuntu 14.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5423-2\n https://ubuntu.com/security/notices/USN-5423-1\n CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,\n CVE-2022-20796\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ClamAV: Multiple Vulnerabilities\n Date: October 01, 2023\n Bugs: #831083, #842813, #894672\n ID: 202310-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ClamAV, the worst of\nwhich could result in remote code execution. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\napp-antivirus/clamav \u003c 0.103.7 \u003e= 0.103.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.103.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-20698\n https://nvd.nist.gov/vuln/detail/CVE-2022-20698\n[ 2 ] CVE-2022-20770\n https://nvd.nist.gov/vuln/detail/CVE-2022-20770\n[ 3 ] CVE-2022-20771\n https://nvd.nist.gov/vuln/detail/CVE-2022-20771\n[ 4 ] CVE-2022-20785\n https://nvd.nist.gov/vuln/detail/CVE-2022-20785\n[ 5 ] CVE-2022-20792\n https://nvd.nist.gov/vuln/detail/CVE-2022-20792\n[ 6 ] CVE-2022-20796\n https://nvd.nist.gov/vuln/detail/CVE-2022-20796\n[ 7 ] CVE-2022-20803\n https://nvd.nist.gov/vuln/detail/CVE-2022-20803\n[ 8 ] CVE-2023-20032\n https://nvd.nist.gov/vuln/detail/CVE-2023-20032\n[ 9 ] CVE-2023-20052\n https://nvd.nist.gov/vuln/detail/CVE-2023-20052\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20785",
"trust": 3.7
},
{
"db": "PACKETSTORM",
"id": "167211",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167199",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.2431",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2362",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2784",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051836",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051732",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050437",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-64260",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-405338",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-20785",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"id": "VAR-202205-0220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-405338"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T01:35:36.875000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2022-0ac71a8f3a Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://www.clamav.net/"
},
{
"title": "ClamAV Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=191377"
},
{
"title": "Cisco: ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: May 2022",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-clamav-html-xauok8mr"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2022-20785"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2022-20785"
},
{
"title": "Ubuntu Security Notice: USN-5423-1: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-1"
},
{
"title": "Ubuntu Security Notice: USN-5423-2: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-2"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1621",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2022-1621"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-090",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-090"
},
{
"title": "Amazon Linux 2022: ALAS-2022-229",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas-2022-229"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.1
},
{
"problemtype": "Lack of memory release after expiration (CWE-401) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-html-xauok8mr"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20785"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050437"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-multiple-vulnerabilities-38245"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051836"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20785/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2362"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167199/ubuntu-security-notice-usn-5423-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2431"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167211/ubuntu-security-notice-usn-5423-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2784"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051732"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-5423-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20770"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20771"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20796"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20792"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5423-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.21.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20052"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20698"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-405338"
},
{
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-405338"
},
{
"date": "2022-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"date": "2023-08-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"date": "2022-05-18T16:36:26",
"db": "PACKETSTORM",
"id": "167211"
},
{
"date": "2022-05-17T17:12:26",
"db": "PACKETSTORM",
"id": "167199"
},
{
"date": "2023-10-02T15:09:41",
"db": "PACKETSTORM",
"id": "174873"
},
{
"date": "2022-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"date": "2022-05-04T17:15:08.680000",
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-01T00:00:00",
"db": "VULHUB",
"id": "VHN-405338"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20785"
},
{
"date": "2023-08-14T07:56:00",
"db": "JVNDB",
"id": "JVNDB-2022-010292"
},
{
"date": "2022-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2063"
},
{
"date": "2023-11-07T03:42:56.707000",
"db": "NVD",
"id": "CVE-2022-20785"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ClamAV\u00a0 Vulnerability regarding lack of memory release after expiration in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010292"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-2063"
}
],
"trust": 0.6
}
}
var-201606-0327
Vulnerability from variot
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. This issue is fixed in: Cisco ClamAV 0.99 Cisco Email Security Appliance 9.7.0-125 Cisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. =========================================================================== Ubuntu Security Notice USN-3093-1 September 28, 2016
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
ClamAV could be made to crash or run programs if it processed a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
It was discovered that ClamAV incorrectly handled certain malformed files.
In the default installation, attackers would be isolated by the ClamAV AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: clamav 0.99.2+dfsg-0ubuntu0.16.04.1
Ubuntu 14.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.14.04.1
Ubuntu 12.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3093-1 CVE-2016-1371, CVE-2016-1372, CVE-2016-1405
Package Information: https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0327",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "clamav",
"scope": null,
"trust": 1.4,
"vendor": "clamav",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "8.8.0-085"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.6.0-042"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.5.0-284"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1.0-070"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "*"
},
{
"model": "web security the appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1.x"
},
{
"model": "web security the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1.1-041"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.7"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.5"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.4"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.3"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.2"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "web security appliance 8.7.0-171-ld",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.3-051"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.2-004"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.1-021"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.0.000"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.0-497"
},
{
"model": "web security appliance hot patch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.51"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.0-235"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.8-113"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.7-151"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.7-142"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.6-115"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.6-078"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.6-073"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.6"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7.0-757"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7.0-725"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7.0-602"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7.0-550"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5.1-201"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5.0-838"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.4-101"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.3-013"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.2"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.2"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5.2"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.2"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.5"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.4"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.3"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.2"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.0-051"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.0-046"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.0-201"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1-023"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.0-032"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.0-461"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.7-043"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.7-042"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.6-074"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.6-073"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.6-106"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.1-023"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.8"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.3-019"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.5-106"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1-09"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.98.7"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.98.5"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.98.4"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.98"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.97.8"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0.98.6"
},
{
"model": "web security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1-041"
},
{
"model": "web security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1-135"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.0-125"
},
{
"model": "clamav",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.99"
}
],
"sources": [
{
"db": "BID",
"id": "90968"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1405"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "90968"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1405",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-1405",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90224",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-1405",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1405",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-717",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90224",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. \nThis issue is fixed in:\nCisco ClamAV 0.99\nCisco Email Security Appliance 9.7.0-125\nCisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. \n===========================================================================\nUbuntu Security Notice USN-3093-1\nSeptember 28, 2016\n\nclamav vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nClamAV could be made to crash or run programs if it processed a specially\ncrafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nIt was discovered that ClamAV incorrectly handled certain malformed files. \n\nIn the default installation, attackers would be isolated by the ClamAV\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n clamav 0.99.2+dfsg-0ubuntu0.16.04.1\n\nUbuntu 14.04 LTS:\n clamav 0.99.2+addedllvm-0ubuntu0.14.04.1\n\nUbuntu 12.04 LTS:\n clamav 0.99.2+addedllvm-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n http://www.ubuntu.com/usn/usn-3093-1\n CVE-2016-1371, CVE-2016-1372, CVE-2016-1405\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "BID",
"id": "90968"
},
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "PACKETSTORM",
"id": "138895"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1405",
"trust": 2.9
},
{
"db": "BID",
"id": "90968",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1035994",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035993",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2016.1376",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-90224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138895",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "BID",
"id": "90968"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "PACKETSTORM",
"id": "138895"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"id": "VAR-201606-0327",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90224"
}
],
"trust": 0.54258195
},
"last_update_date": "2023-12-18T12:29:54.547000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160531-wsa-esa",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160531-wsa-esa"
},
{
"title": "ChangeLog",
"trust": 0.8,
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/changelog"
},
{
"title": "Cisco Advance Malware Protection for Email Security Appliance and Web Security Appliance Clam AntiVirus Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62025"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160531-wsa-esa"
},
{
"trust": 1.7,
"url": "https://github.com/vrtadmin/clamav-devel/blob/master/changelog"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3093-1"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90968"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035993"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035994"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1405"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1405"
},
{
"trust": 0.6,
"url": "http://www.auscert.org.au/./render.html?it=35274"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1371"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1372"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1405"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "BID",
"id": "90968"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "PACKETSTORM",
"id": "138895"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90224"
},
{
"db": "BID",
"id": "90968"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"db": "PACKETSTORM",
"id": "138895"
},
{
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-90224"
},
{
"date": "2016-05-31T00:00:00",
"db": "BID",
"id": "90968"
},
{
"date": "2016-06-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"date": "2016-09-29T04:25:18",
"db": "PACKETSTORM",
"id": "138895"
},
{
"date": "2016-06-08T14:59:12.827000",
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"date": "2016-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-90224"
},
{
"date": "2016-10-03T09:01:00",
"db": "BID",
"id": "90968"
},
{
"date": "2016-06-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003096"
},
{
"date": "2016-11-28T19:58:55.810000",
"db": "NVD",
"id": "CVE-2016-1405"
},
{
"date": "2016-06-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138895"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco E Email Security Appliance and Web Security Used by appliance devices ClamAV Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003096"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-717"
}
],
"trust": 0.6
}
}
var-201203-0367
Vulnerability from variot
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations. Multiple products RAR A file parser contains a vulnerability that can prevent malware detection. Different RAR If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.By the attacker, MZ Has a character sequence starting with RAR Malware detection may be avoided via files. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Sophos Anti-Virus is a set of anti-virus software for various operating systems from Sophos, UK. The software detects and removes viruses, spyware, trojans and worms in real time, ensuring comprehensive network protection for desktops and laptops. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All affected products are command-line versions of the AVs.
Vulnerability Descriptions
- Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes evades detection.
Affected products - ClamAV 0.96.4, CAT-QuickHeal 11.00
CVE no - CVE-2012-1419
- Specially crafted infected POSIX TAR files with "\7fELF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, Rising 22.83.00.03
CVE no - CVE-2012-1420
- Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, Symantec 20101.3.0.103
CVE no - CVE-2012-1421
- Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1422
- Specially crafted infected POSIX TAR files with "MZ" as first 2 bytes evades detection.
Affected products - Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0
CVE no - CVE-2012-1423
- Specially crafted infected POSIX TAR files with "\19\04\00\10" at offset 8 evades detection.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, PCTools 7.0.3.5, Sophos 4.61.0
CVE no - CVE-2012-1424
- Specially crafted infected POSIX TAR files with "\50\4B\03\04" as the first 4 bytes evades detection.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, Fortinet 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004
CVE no - CVE-2012-1425
- Specially crafted infected POSIX TAR files with "\42\5A\68" as the first 3 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1426
- Specially crafted infected POSIX TAR files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1427
- Specially crafted infected POSIX TAR files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1428
- Specially crafted infected ELF files with "ustar" at offset 257 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01
CVE no - CVE-2012-1429 12. Specially crafted infected ELF files with "\19\04\00\10" at offset 8 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1430 13. Specially crafted infected ELF files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1431
- Specially crafted infected MS EXE files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1432
- Specially crafted infected MS EXE files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1433
- Specially crafted infected MS EXE files with "\19\04\00\10" at offset 8 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1434
- Specially crafted infected MS EXE files with "\50\4B\4C\49\54\45" at offset 30 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1435
- Specially crafted infected MS EXE files with "\2D\6C\68" at offset 2 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1436
- Specially crafted infected MS Office files with "\50\4B\53\70\58" at offset 526 evades detection.
Affected products - Comodo 7425
CVE no - CVE-2012-1437
- Specially crafted infected MS Office files with "ustar" at offset 257 evades detection.
Affected products - Comodo 7425, Sophos 4.61.0
CVE no - CVE-2012-1438
- 'padding' field in ELF files is parsed incorrectly. If an infected ELF file's padding field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1439
- 'identsize' field in ELF files is parsed incorrectly. If an infected ELF file's identsize field is incremented by 1 it evades detection.
Affected products - Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1440
- 'e_ip' and 'e_res' field in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1 it evades detection.
Affected products - Prevx 3.0
'e_minalloc', 'e_res2','e_cparhdr', 'e_crlc', 'e_lfarlc','e_maxalloc',
'e_oeminfo', 'e_ovno', 'e_cs', 'e_csum','e_sp', 'e_ss', 'e_cblp' and
'e_oemid' fields in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1
it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0
CVE no - CVE-2012-1441
- 'class' field in ELF files is parsed incorrectly.
If an infected ELF file's class field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1442
- Infected RAR files with initial two bytes set to 'MZ' can be fixed by the user and correctly extracted. Such a file evades detection.
Affected products - ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0 nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, Avast5 5.0.677.0, VBA32 3.12.14.2
CVE no - CVE-2012-1443
- 'abiversion' field in ELF files is parsed incorrectly.
If an infected ELF file's abiversion field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1444
- 'abi' field in ELF files is parsed incorrectly.
If an infected ELF file's abi field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1445
- 'encoding' field in ELF files is parsed incorrectly.
If an infected ELF file's encoding field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, McAfee 5.400.0.1158, Symantec 20101.3.0.103, Norman 6.06.12, eSafe 7.0.017.0, Kaspersky 7.0.0.125, McAfee-GW-Edition 2010.1C, Sophos 4.61.0, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, PCTools 7.0.3.5, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1446
- 'e_version' field in ELF files is parsed incorrectly.
If an infected ELF file's e_version field is incremented by 1 it evades detection.
Affected products - Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7
CVE no - CVE-2012-1447
- 'cbCabinet' field in CAB files is parsed incorrectly.
If an infected CAB file's cbCabinet field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0 TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1
CVE no - CVE-2012-1448
- 'vMajor' field in CAB files is parsed incorrectly.
If an infected CAB file's vMajor field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1449
- 'reserved3' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1450
- 'reserved2' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved2 field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1451
- 'reserved1' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00
CVE no - CVE-2012-1452
- 'coffFiles' field in CAB files is parsed incorrectly.
If an infected CAB file's coffFiles field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C, Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402, Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1453
- 'ei_version' field in ELF files is parsed incorrectly.
If an infected ELF file's version field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1454
- 'vMinor' field in CAB files is parsed incorrectly.
If an infected CAB file's version field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1455
- A specially crafted ZIP file, created by concatenating the contents of a clean TAR archive and a virus-infected ZIP archive, is parsed incorrectly and evades detection.
Affected products - AVG 10.0.0.1190, CAT-QuickHeal 11.00, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117,Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004
CVE no - CVE-2012-1456
- If the length field in the header of a file with test EICAR virus included into a TAR archive is set to be greater than the archive's total length (1,000,000+original length in our experiments), the antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1457
- A Windows Compiled HTML Help (CHM) file is a set of HTML files, scripts, and images compressed using the LZX algorithm. For faster random accesses, the algorithm is reset at intervals instead of compressing the entire file as a single stream. The length of each interval is specified in the LZXC header.
If an infected CHM file's header modified so that the reset interval is lower than in the original file, the antivirus declares the file to be clean. But the Windows CHM viewer hh.exe correctly decompresses the infected content located before the tampered header.
Affected products - ClamAV 0.96.4, Sophos 4.61.0
CVE no - CVE-2012-1458
- In a POSIX TAR archive, each member file has a 512-byte header protected by a simple checksum. Every header also contains a file length field, which is used by the extractor to locate the next header in the archive.
If a TAR archive contains two files: the first one is clean, while the second is infected with test EICAR virus - and it is modified such that the length field in the header of the first, clean file to point into the middle of the header of the second, infected file. The antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, the antivirus declares the file to be clean but virus gets extracted by the gunzip+tar programs correctly by ignoring these bytes.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, VBA32 3.12.14.2
CVE no - CVE-2012-1460
- GZIP files can contain multiple compressed streams, which are assembled when the contents are extracted. If an infected .tar.gz file is broken into two streams, the antivirus declares the infected .tar.gz file to be clean while tar+gunzip extract the virus correctly
Affected products - AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2
CVE no - CVE-2012-1461
- If an infected ZIP archive is prepended with 1024 random bytes at the beginning, the antivirus declares the file to be clean but virus gets extracted by the unzip program correctly by skipping these bytes
Affected products - AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103
CVE no - CVE-2012-1462
- In most ELF files, the 5th byte of the header indicates endianness: 01 for little-endian, 02 for bigendian. Linux kernel, however, does not check this field before loading an ELF file. If an infected ELF file's 5-th byte is set to 02, the antivirus declares the file to be clean but the ELF file gets executed correctly.
Affected products - AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7
CVE no - CVE-2012-1463
Credits
Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.
References
"Abusing File Processing in Malware Detectors for Fun and Profit" by Suman Jana and Vitaly Shmatikov To appear in IEEE Symposium on Security and Privacy 2012 http://www.ieee-security.org/TC/SP2012/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "antivirus",
"scope": "eq",
"trust": 2.1,
"vendor": "comodo",
"version": "7424"
},
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "authentium",
"version": "5.2.11.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "avg",
"version": "10.0.0.1190"
},
{
"model": "bitdefender",
"scope": "eq",
"trust": 1.8,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.8,
"vendor": "clamav",
"version": "0.96.4"
},
{
"model": "anti-malware",
"scope": "eq",
"trust": 1.8,
"vendor": "emsisoft",
"version": "5.1.0.1"
},
{
"model": "virus utilities t3 command line scanner",
"scope": "eq",
"trust": 1.8,
"vendor": "ikarus",
"version": "1.1.97.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "jiangmin",
"version": "13.0.900"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "pc tools",
"version": "7.0.3.5"
},
{
"model": "virusbuster",
"scope": "eq",
"trust": 1.8,
"vendor": "virusbuster",
"version": "13.6.151.0"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "f secure",
"version": "9.0.16160.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "scan engine",
"scope": "eq",
"trust": 1.8,
"vendor": "mcafee",
"version": "5.400.0.1158"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "v3 internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "ahnlab",
"version": "2011.01.18.00"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "5.0.677.0"
},
{
"model": "housecall",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "nprotect",
"version": "2011-01-17.01"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "5795"
},
{
"model": "g data antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "gdata",
"version": "21"
},
{
"model": "trend micro antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "f prot",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "k7computing",
"version": "9.77.3565"
},
{
"model": "quick heal",
"scope": "eq",
"trust": 1.0,
"vendor": "cat",
"version": "11.00"
},
{
"model": "vba32",
"scope": "eq",
"trust": 1.0,
"vendor": "anti virus",
"version": "3.12.14.2"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivir",
"scope": "eq",
"trust": 1.0,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "4.8.1351.0"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "4.8.1351.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "5.0.677.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "nod32 anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "eset",
"version": "5795"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "frisk",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "g data",
"version": "21"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "k7 computing",
"version": "9.77.3565"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "nprotect",
"version": "2011-01-17.01"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.8,
"vendor": "virusblokada",
"version": "3.12.14.2"
},
{
"model": "v3 internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "unlab",
"version": "2011.01.18.00"
},
{
"model": "heal",
"scope": "eq",
"trust": 0.8,
"vendor": "quick heal k k",
"version": "11.00"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.3,
"vendor": "virusblokada",
"version": "3.12.142"
},
{
"model": "virusbuster",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "13.6.1510"
},
{
"model": "trend micro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20101.3103"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.61"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "pctools",
"version": "7.0.35"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "computing pvt ltd k7antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "k7",
"version": "9.77.3565"
},
{
"model": "nprotect",
"scope": "eq",
"trust": 0.3,
"vendor": "inca",
"version": "2011-01-17.01"
},
{
"model": "antivirus t3.1.1.97.0",
"scope": null,
"trust": 0.3,
"vendor": "ikarus",
"version": null
},
{
"model": "data software gdata",
"scope": "eq",
"trust": 0.3,
"vendor": "g",
"version": "21"
},
{
"model": "software f-prot antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "frisk",
"version": "4.6.2117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2.2540"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.0.16160.0"
},
{
"model": "nod32",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "5795"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "esafe",
"version": "7.0.170"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "antivir engine",
"scope": "eq",
"trust": 0.3,
"vendor": "avira",
"version": "7.11.1163"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "avg",
"version": "10.01190"
},
{
"model": "avast5 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "5.0.6770"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "4.8.1351.0"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "authentium",
"version": "5.2.115"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
},
{
"model": "engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ahnlab",
"version": "v32011.01.18.00"
}
],
"sources": [
{
"db": "BID",
"id": "52612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1443"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52612"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1443",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1443",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54724",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1443",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-407",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54724",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations. Multiple products RAR A file parser contains a vulnerability that can prevent malware detection. Different RAR If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.By the attacker, MZ Has a character sequence starting with RAR Malware detection may be avoided via files. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Sophos Anti-Virus is a set of anti-virus software for various operating systems from Sophos, UK. The software detects and removes viruses, spyware, trojans and worms in real time, ensuring comprehensive network protection for desktops and laptops. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All \naffected products are command-line versions of \nthe AVs. \n\n----------------------------\nVulnerability Descriptions\n----------------------------\n\n1. Specially crafted infected POSIX TAR files with \"[aliases]\" as first 9 bytes \n evades detection. \n\n Affected products -\n ClamAV 0.96.4, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1419\n\n2. Specially crafted infected POSIX TAR files with \"\\7fELF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, \n Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1420\n\n3. Specially crafted infected POSIX TAR files with \"MSCF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, \n Symantec 20101.3.0.103\n\n CVE no - \n CVE-2012-1421\n\n4. Specially crafted infected POSIX TAR files with \"ITSF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1422\n\n5. Specially crafted infected POSIX TAR files with \"MZ\" as first 2 bytes \n evades detection. \n\n Affected products -\n Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, \n Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, \n PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0\n\n CVE no - \n CVE-2012-1423\n\n6. Specially crafted infected POSIX TAR files with \"\\19\\04\\00\\10\" at offset 8\n evades detection. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, \n PCTools 7.0.3.5, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1424\n\n\n7. Specially crafted infected POSIX TAR files with \"\\50\\4B\\03\\04\" as the first\n 4 bytes evades detection. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1,\n Fortinet 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Symantec 20101.3.0.103, \n TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004 \n\n CVE no - \n CVE-2012-1425\n\n8. Specially crafted infected POSIX TAR files with \"\\42\\5A\\68\" as the first\n 3 bytes evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1426\n\n\n9. Specially crafted infected POSIX TAR files with \"\\57\\69\\6E\\5A\\69\\70\" at \n offset 29 evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1427\n\n10. Specially crafted infected POSIX TAR files with \"\\4a\\46\\49\\46\" at offset 6\n evades detection. \n \n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1428\n\n11. Specially crafted infected ELF files with \"ustar\" at offset 257\n evades detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01 \n\n CVE no - \n CVE-2012-1429\n12. Specially crafted infected ELF files with \"\\19\\04\\00\\10\" at offset 8 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, \n Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1430\n13. Specially crafted infected ELF files with \"\\4a\\46\\49\\46\" at offset 6 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, \n F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, \n nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1431\n\n14. Specially crafted infected MS EXE files with \"\\57\\69\\6E\\5A\\69\\70\" at offset\n 29 evades detection. \n\n Affected products -\n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1432\n\n15. Specially crafted infected MS EXE files with \"\\4a\\46\\49\\46\" at offset\n 6 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1433\n\n16. Specially crafted infected MS EXE files with \"\\19\\04\\00\\10\" at offset\n 8 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, \n Panda 10.0.2.7\n \n CVE no - \n CVE-2012-1434\n\n17. Specially crafted infected MS EXE files with \"\\50\\4B\\4C\\49\\54\\45\" at \n offset 30 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1435\n\n18. Specially crafted infected MS EXE files with \"\\2D\\6C\\68\" at \n offset 2 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1436\n\n19. Specially crafted infected MS Office files with \"\\50\\4B\\53\\70\\58\" at \n offset 526 evades detection. \n \n Affected products - \n Comodo 7425\n \n CVE no - \n CVE-2012-1437\n\n20. Specially crafted infected MS Office files with \"ustar\" at \n offset 257 evades detection. \n\n Affected products - \n Comodo 7425, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1438\n\n21. \u0027padding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s padding field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1439\n\n22. \u0027identsize\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s identsize field is incremented by 1 it evades\n detection. \n\n Affected products - \n Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1440\n\n23. \u0027e_ip\u0027 and \u0027e_res\u0027 field in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n Prevx 3.0\n\n \u0027e_minalloc\u0027, \u0027e_res2\u0027,\u0027e_cparhdr\u0027, \u0027e_crlc\u0027, \u0027e_lfarlc\u0027,\u0027e_maxalloc\u0027,\n \u0027e_oeminfo\u0027, \u0027e_ovno\u0027, \u0027e_cs\u0027, \u0027e_csum\u0027,\u0027e_sp\u0027, \u0027e_ss\u0027, \u0027e_cblp\u0027 and \n \u0027e_oemid\u0027 fields in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0\n\n\n CVE no - \n CVE-2012-1441\n\n24. \u0027class\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s class field is incremented by 1 it evades\n detection. \n\n Affected products - \n CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, \n Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1442\n\n25. Infected RAR files with initial two bytes set to \u0027MZ\u0027 can be fixed by the \n user and correctly extracted. Such a file evades detection. \n \n Affected products -\n ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, \n Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, \n Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, \n VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, \n K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 \n Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, \n Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, \n TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0\n nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, \n Avast5 5.0.677.0, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1443\n\n26. \u0027abiversion\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abiversion field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1444\n\n27. \u0027abi\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abi field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1445\n\n28. \u0027encoding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s encoding field is incremented by 1 it evades\n detection. \n\n Affected products - \n CAT-QuickHeal 11.00, McAfee 5.400.0.1158, Symantec 20101.3.0.103, \n Norman 6.06.12, eSafe 7.0.017.0, Kaspersky 7.0.0.125, \n McAfee-GW-Edition 2010.1C, Sophos 4.61.0, eTrust-Vet 36.1.8511, \n Antiy-AVL 2.0.3.7, PCTools 7.0.3.5, Rising 22.83.00.03, Fortinet 4.2.254.0,\n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1446\n\n29. \u0027e_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s e_version field is incremented by 1 it evades\n detection. \n\n Affected products -\n Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1447\n\n30. \u0027cbCabinet\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s cbCabinet field is incremented by 1 it evades\n detection. \n\n Affected products -\n CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0\n TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1 \n\n CVE no - \n CVE-2012-1448\n\n31. \u0027vMajor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s vMajor field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1449\n\n32. \u0027reserved3\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1450\n\n33. \u0027reserved2\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved2 field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1451\n\n34. \u0027reserved1\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1452\n\n35. \u0027coffFiles\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s coffFiles field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, \n Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C,\n Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402,\n Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1453\n\n36. \u0027ei_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, \n Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1454\n\n37. \u0027vMinor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1455\n\n38. A specially crafted ZIP file, created by concatenating the contents \n of a clean TAR archive and a virus-infected ZIP archive, is parsed \n incorrectly and evades detection. \n\n Affected products -\n AVG 10.0.0.1190, CAT-QuickHeal 11.00, Comodo 7424, Emsisoft 5.1.0.1,\n eSafe 7.0.17.0, F-Prot 4.6.2.117,Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, \n Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, \n TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004\n\n CVE no - \n CVE-2012-1456\n\n39. If the length field in the header of a file with test EICAR virus\n included into a TAR archive is set to be greater than the archive\u0027s total \n length (1,000,000+original length in our experiments), the antivirus \n declares the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, \n AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, \n Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, \n GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, \n Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1457\n\n40. A Windows Compiled HTML Help (CHM) file is a set of HTML files,\n scripts, and images compressed using the LZX algorithm. \n For faster random accesses, the algorithm is reset at intervals\n instead of compressing the entire file as a single stream. The\n length of each interval is specified in the LZXC header. \n\n If an infected CHM file\u0027s header modified so that the reset interval\n is lower than in the original file, the antivirus declares the file\n to be clean. But the Windows CHM viewer hh.exe correctly decompresses\n the infected content located before the tampered header. \n\n Affected products -\n ClamAV 0.96.4, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1458\n\n41. In a POSIX TAR archive, each member file has a 512-byte header protected\n by a simple checksum. Every header also contains a file length field, which\n is used by the extractor to locate the next header in the archive. \n\n If a TAR archive contains two files: the first one is clean, while\n the second is infected with test EICAR virus - and it is modified such that \n the length field in the header of the first, clean file to point into the \n middle of the header of the second, infected file. The antivirus declares \n the file to be clean but virus gets extracted correctly by the \n GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, \n the antivirus declares the file to be clean but virus gets extracted by\n the gunzip+tar programs correctly by ignoring these bytes. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, \n eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, VBA32 3.12.14.2 \n \n CVE no - \n CVE-2012-1460\n\n43. GZIP files can contain multiple compressed streams, which are assembled\n when the contents are extracted. If an infected .tar.gz file is broken \n into two streams, the antivirus declares the infected .tar.gz file to \n be clean while tar+gunzip extract the virus correctly\n\n Affected products -\n AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, \n F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, \n Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, \n TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1461\n\n44. If an infected ZIP archive is prepended with 1024 random bytes at the \n beginning, the antivirus declares the file to be clean but virus gets extracted\n by the unzip program correctly by skipping these bytes\n\n Affected products -\n AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, \n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, \n Symantec 20101.3.0.103 \n\n CVE no - \n CVE-2012-1462\n\n45. In most ELF files, the 5th byte of the header indicates endianness: 01\n for little-endian, 02 for bigendian. Linux kernel, however, does not\n check this field before loading an ELF file. If an infected ELF file\u0027s 5-th \n byte is set to 02, the antivirus declares the file to be clean but the ELF \n file gets executed correctly. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, \n Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7 \n\n CVE no - \n CVE-2012-1463\n\n--------\nCredits\n--------\nVulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov. \n\n-----------\nReferences\n-----------\n\"Abusing File Processing in Malware Detectors for Fun and Profit\" by Suman Jana and Vitaly Shmatikov\nTo appear in IEEE Symposium on Security and Privacy 2012\nhttp://www.ieee-security.org/TC/SP2012/ \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "BID",
"id": "52612"
},
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "PACKETSTORM",
"id": "110990"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1443",
"trust": 2.9
},
{
"db": "BID",
"id": "52612",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80469",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80461",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80454",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80455",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80467",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80468",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80471",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80456",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80459",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80472",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80470",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80457",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80460",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80458",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19198",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54724",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "BID",
"id": "52612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"id": "VAR-201203-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54724"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:12.911000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/en/avlsdk.html"
},
{
"title": "Command Antivirus",
"trust": 0.8,
"url": "http://www.authentium.com/command/csavdownload.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.avast.co.jp/index"
},
{
"title": "AVG Anti-Virus",
"trust": 0.8,
"url": "http://www.avgjapan.com/home-small-office-security/buy-antivirus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.avira.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.bitdefender.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.clamav.net/lang/en/"
},
{
"title": "Comodo Antivirus",
"trust": 0.8,
"url": "http://www.comodo.com/home/internet-security/antivirus.php"
},
{
"title": "Emsisoft Anti-Malware",
"trust": 0.8,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"title": "ESET NOD32\u30a2\u30f3\u30c1\u30a6\u30a4\u30eb\u30b9",
"trust": 0.8,
"url": "http://www.eset.com/us/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.f-prot.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.gdata.co.jp/"
},
{
"title": "IKARUS virus.utilities",
"trust": 0.8,
"url": "http://www.ikarus.at/en/ngo-gov/products/virus_utilities/index.html"
},
{
"title": "Jiangmin Antivirus",
"trust": 0.8,
"url": "http://global.jiangmin.com/"
},
{
"title": "K7 AntiVirus",
"trust": 0.8,
"url": "http://www.k7computing.com/en/product/k7-antivirusplus.php"
},
{
"title": "MacAfee Scan Engine",
"trust": 0.8,
"url": "http://www.mcafee.com/us/support/support-eol-scan-engine.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "nProtect Anti-Virus",
"trust": 0.8,
"url": "http://global.nprotect.com/product/avs.php"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "PC Tools AntiVirus",
"trust": 0.8,
"url": "http://www.pctools.com/jp/spyware-doctor-antivirus/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.quickheal.com/"
},
{
"title": "Endpoint Protection",
"trust": 0.8,
"url": "http://www.symantec.com/ja/jp/endpoint-protection"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/home/"
},
{
"title": "Trend Micro HouseCall",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/tools/housecall/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://anti-virus.by/en"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.virusbuster.hu/en"
},
{
"title": "eSafe",
"trust": 0.8,
"url": "http://www.aladdin.co.jp/esafe/"
},
{
"title": "V3 Internet Security",
"trust": 0.8,
"url": "http://www.ahnlab.co.jp/product_service/product/b2b/v3is8.asp"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sophos.com"
},
{
"title": "Microsoft Security Essentials",
"trust": 0.8,
"url": "http://windows.microsoft.com/ja-jp/windows/products/security-essentials"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/japan/products/web_gateway.asp"
},
{
"title": "F-Secure Anti-Virus",
"trust": 0.8,
"url": "http://www.f-secure.com/ja/web/home_jp/protection/anti-virus/overview"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52612"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80454"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80455"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80456"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80457"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80458"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80459"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80460"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80461"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80467"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80468"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80469"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80470"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80471"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80472"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1443"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1443"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19198"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2012/mar/88"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1441"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1423"
},
{
"trust": 0.1,
"url": "http://www.ieee-security.org/tc/sp2012/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1437"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "BID",
"id": "52612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54724"
},
{
"db": "BID",
"id": "52612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54724"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52612"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"date": "2012-03-19T23:51:01",
"db": "PACKETSTORM",
"id": "110990"
},
{
"date": "2012-03-21T10:11:48.083000",
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-54724"
},
{
"date": "2015-03-19T08:41:00",
"db": "BID",
"id": "52612"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001895"
},
{
"date": "2012-11-06T05:09:04.360000",
"db": "NVD",
"id": "CVE-2012-1443"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products RAR Vulnerability that prevents file parsers from detecting malware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001895"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-407"
}
],
"trust": 0.6
}
}
var-201203-0381
Vulnerability from variot
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.By a third party TAR Total file size exceeded length With field TAR Malware detection can be bypassed via archive entries. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Vulnerabilities exist in the TAR file parser in version 1004, Trend Micro HouseCall version 9.120.0.1004, VBA32 version 3.12.14.2, and VirusBuster version 13.6.151.0. ============================================================================ Ubuntu Security Notice USN-1482-1 June 19, 2012
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
ClamAV could improperly detect malware if it opened a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
It was discovered that ClamAV incorrectly handled certain malformed TAR archives. (CVE-2012-1457, CVE-2012-1459)
It was discovered that ClamAV incorrectly handled certain malformed CHM files. (CVE-2012-1458)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: clamav 0.97.5+dfsg-1ubuntu0.12.04.1 clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.1 libclamav6 0.97.5+dfsg-1ubuntu0.12.04.1
Ubuntu 11.10: clamav 0.97.5+dfsg-1ubuntu0.11.10.1 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.1 libclamav6 0.97.5+dfsg-1ubuntu0.11.10.1
Ubuntu 11.04: clamav 0.97.5+dfsg-1ubuntu0.11.04.1 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.1 libclamav6 0.97.5+dfsg-1ubuntu0.11.04.1
Ubuntu 10.04 LTS: clamav 0.96.5+dfsg-1ubuntu1.10.04.4 clamav-daemon 0.96.5+dfsg-1ubuntu1.10.04.4 libclamav6 0.96.5+dfsg-1ubuntu1.10.04.4
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1482-1 CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
Package Information: https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1 https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4 .
The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459 http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5
Updated Packages:
Mandriva Enterprise Server 5: d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf OUr1QL5Wsvt3KboLKCdYUhE= =1QL7 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0381",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "virusbuster",
"scope": "eq",
"trust": 2.4,
"vendor": "virusbuster",
"version": "13.6.151.0"
},
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "authentium",
"version": "5.2.11.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "avg",
"version": "10.0.0.1190"
},
{
"model": "bitdefender",
"scope": "eq",
"trust": 1.8,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.8,
"vendor": "clamav",
"version": "0.96.4"
},
{
"model": "anti-malware",
"scope": "eq",
"trust": 1.8,
"vendor": "emsisoft",
"version": "5.1.0.1"
},
{
"model": "virus utilities t3 command line scanner",
"scope": "eq",
"trust": 1.8,
"vendor": "ikarus",
"version": "1.1.97.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "jiangmin",
"version": "13.0.900"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "pc tools",
"version": "7.0.3.5"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "scan engine",
"scope": "eq",
"trust": 1.8,
"vendor": "mcafee",
"version": "5.400.0.1158"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "5.0.677.0"
},
{
"model": "housecall",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "5795"
},
{
"model": "g data antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "gdata",
"version": "21"
},
{
"model": "trend micro antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "f prot",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "k7computing",
"version": "9.77.3565"
},
{
"model": "quick heal",
"scope": "eq",
"trust": 1.0,
"vendor": "cat",
"version": "11.00"
},
{
"model": "vba32",
"scope": "eq",
"trust": 1.0,
"vendor": "anti virus",
"version": "3.12.14.2"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivir",
"scope": "eq",
"trust": 1.0,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "4.8.1351.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "4.8.1351.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "5.0.677.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "nod32 anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "eset",
"version": "5795"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "frisk",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "g data",
"version": "21"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "k7 computing",
"version": "9.77.3565"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.8,
"vendor": "virusblokada",
"version": "3.12.14.2"
},
{
"model": "heal",
"scope": "eq",
"trust": 0.8,
"vendor": "quick heal k k",
"version": "11.00"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.3,
"vendor": "virusblokada",
"version": "3.12.142"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "virusbuster",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "13.6.1510"
},
{
"model": "trend micro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20101.3103"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "pctools",
"version": "7.0.35"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.6402"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "7.0125"
},
{
"model": "computing pvt ltd k7antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "k7",
"version": "9.77.3565"
},
{
"model": "jiangmin",
"scope": "eq",
"trust": 0.3,
"vendor": "jiangmin",
"version": "13.0.900"
},
{
"model": "antivirus t3.1.1.97.0",
"scope": null,
"trust": 0.3,
"vendor": "ikarus",
"version": null
},
{
"model": "data software gdata",
"scope": "eq",
"trust": 0.3,
"vendor": "g",
"version": "21"
},
{
"model": "software f-prot antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "frisk",
"version": "4.6.2117"
},
{
"model": "nod32",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "5795"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "esafe",
"version": "7.0.170"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "antivir engine",
"scope": "eq",
"trust": 0.3,
"vendor": "avira",
"version": "7.11.1163"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "avg",
"version": "10.01190"
},
{
"model": "avast5 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "5.0.6770"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "4.8.1351.0"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "authentium",
"version": "5.2.115"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
}
],
"sources": [
{
"db": "BID",
"id": "52610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52610"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1457",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54738",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1457",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-420",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54738",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.By a third party TAR Total file size exceeded length With field TAR Malware detection can be bypassed via archive entries. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Vulnerabilities exist in the TAR file parser in version 1004, Trend Micro HouseCall version 9.120.0.1004, VBA32 version 3.12.14.2, and VirusBuster version 13.6.151.0. ============================================================================\nUbuntu Security Notice USN-1482-1\nJune 19, 2012\n\nclamav vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.04 LTS\n\nSummary:\n\nClamAV could improperly detect malware if it opened a specially crafted\nfile. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nIt was discovered that ClamAV incorrectly handled certain malformed TAR\narchives. (CVE-2012-1457,\nCVE-2012-1459)\n\nIt was discovered that ClamAV incorrectly handled certain malformed CHM\nfiles. (CVE-2012-1458)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n clamav 0.97.5+dfsg-1ubuntu0.12.04.1\n clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.1\n libclamav6 0.97.5+dfsg-1ubuntu0.12.04.1\n\nUbuntu 11.10:\n clamav 0.97.5+dfsg-1ubuntu0.11.10.1\n clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.1\n libclamav6 0.97.5+dfsg-1ubuntu0.11.10.1\n\nUbuntu 11.04:\n clamav 0.97.5+dfsg-1ubuntu0.11.04.1\n clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.1\n libclamav6 0.97.5+dfsg-1ubuntu0.11.04.1\n\nUbuntu 10.04 LTS:\n clamav 0.96.5+dfsg-1ubuntu1.10.04.4\n clamav-daemon 0.96.5+dfsg-1ubuntu1.10.04.4\n libclamav6 0.96.5+dfsg-1ubuntu1.10.04.4\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-1482-1\n CVE-2012-1457, CVE-2012-1458, CVE-2012-1459\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4\n. \n \n The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers\n to bypass malware detection via a crafted reset interval in the LZXC\n header of a CHM file. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459\n http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm\n 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm\n c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm\n d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm\n 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm\n 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm \n 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm \n 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf\nOUr1QL5Wsvt3KboLKCdYUhE=\n=1QL7\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "BID",
"id": "52610"
},
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-54738",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1457",
"trust": 3.0
},
{
"db": "BID",
"id": "52610",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80392",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80406",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80391",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80407",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80396",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80395",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80403",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80409",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80389",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80393",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19229",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "113841",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-54738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113878",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "BID",
"id": "52610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"id": "VAR-201203-0381",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:12.001000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.aladdin.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.antiy.net/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.authentium.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.avast.com/index"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.avg.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.avira.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.bitdefender.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.clamav.net/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.emsisoft.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.eset.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.f-prot.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.gdata-software.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ikarus.at/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://global.jiangmin.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.k7computing.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.mcafee.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.microsoft.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "openSUSE-SU-2012:0833",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.pctools.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.quickheal.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.symantec.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.trendmicro.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://anti-virus.by/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.virusbuster.hu/en/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.kaspersky.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52610"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2012:094"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80389"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80391"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80392"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80393"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80395"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80396"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80403"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80406"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80407"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80409"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1457"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1457"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19229"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.authentium.com"
},
{
"trust": 0.3,
"url": "http://www.avast.com"
},
{
"trust": 0.3,
"url": "http://www.avg.com"
},
{
"trust": 0.3,
"url": "http://www.avira.com/"
},
{
"trust": 0.3,
"url": "http://www.bitdefender.com"
},
{
"trust": 0.3,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"trust": 0.3,
"url": "http://www.safenet-inc.com/data-protection/content-security-esafe/"
},
{
"trust": 0.3,
"url": "http://eset.com"
},
{
"trust": 0.3,
"url": "http://www.f-prot.com/"
},
{
"trust": 0.3,
"url": "http://www.gdatasoftware.com"
},
{
"trust": 0.3,
"url": "http://www.ikarus.at"
},
{
"trust": 0.3,
"url": "http://global.jiangmin.com/"
},
{
"trust": 0.3,
"url": "http://www.k7computing.com/en/product/k7-antivirusplus.php"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pctools.com/spyware-doctor-antivirus/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.com/"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
},
{
"trust": 0.3,
"url": "http://anti-virus.by/en/index.shtml"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1457"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1459"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1458"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1482-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1459"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=changelog;hb=clamav-0.97.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1458"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "BID",
"id": "52610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54738"
},
{
"db": "BID",
"id": "52610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54738"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52610"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"date": "2012-06-20T02:54:11",
"db": "PACKETSTORM",
"id": "113878"
},
{
"date": "2012-06-19T00:56:02",
"db": "PACKETSTORM",
"id": "113841"
},
{
"date": "2012-03-21T10:11:49.287000",
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-54738"
},
{
"date": "2015-05-07T17:17:00",
"db": "BID",
"id": "52610"
},
{
"date": "2012-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001902"
},
{
"date": "2018-01-18T02:29:13.083000",
"db": "NVD",
"id": "CVE-2012-1457"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products TAR Vulnerability that prevents file parsers from detecting malware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001902"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-420"
}
],
"trust": 0.6
}
}
var-202005-0719
Vulnerability from variot
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ========================================================================== Ubuntu Security Notice USN-4370-2 May 21, 2020
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-4370-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)
It was discovered that ClamAV incorrectly handled parsing PDF files. (CVE-2020-3341)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: clamav 0.102.3+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM: clamav 0.102.3+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4370-2 https://usn.ubuntu.com/4370-1 CVE-2020-3327, CVE-2020-3341
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0719",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "clam antivirus",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "0.102.2"
},
{
"model": "clam antivirus",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "0.101"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.8,
"vendor": "clamav",
"version": "0.101 \u304b\u3089 0.102.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.102.2",
"versionStartIncluding": "0.101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
}
],
"trust": 0.8
},
"cve": "CVE-2020-3341",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005537",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181466",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3341",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005537",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-3341",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3341",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-005537",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-690",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-181466",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3341",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ==========================================================================\nUbuntu Security Notice USN-4370-2\nMay 21, 2020\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4370-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)\n\n It was discovered that ClamAV incorrectly handled parsing PDF files. (CVE-2020-3341)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n clamav 0.102.3+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n clamav 0.102.3+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://usn.ubuntu.com/4370-2\n https://usn.ubuntu.com/4370-1\n CVE-2020-3327, CVE-2020-3341\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3341",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "157799",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "48880",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1831",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1775",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1758",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4350",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4540",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4412",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0056",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "157681",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-181466",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3341",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "157796",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"id": "VAR-202005-0719",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181466"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T01:09:52.259000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ClamAV 0.102.3 security patch released",
"trust": 0.8,
"url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"
},
{
"title": "Clam AntiVirus Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=118725"
},
{
"title": "Ubuntu Security Notice: clamav vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4370-1"
},
{
"title": "Ubuntu Security Notice: clamav vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4370-2"
},
{
"title": "CVE-T4PDF\nTable of contents\nList of CVEs\nList of Techniques",
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://usn.ubuntu.com/4370-1/"
},
{
"trust": 1.8,
"url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4370-2/"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3341"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3341"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157681/clam-antivirus-toolkit-0.102.3.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157799/ubuntu-security-notice-usn-4370-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0056/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1758/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48880"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1831/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1775/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-denial-of-service-via-the-pdf-parser-32252"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4370-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3327"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.19.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4370-2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181466"
},
{
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-181466"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"date": "2020-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"date": "2020-05-21T19:33:33",
"db": "PACKETSTORM",
"id": "157796"
},
{
"date": "2020-05-21T23:56:22",
"db": "PACKETSTORM",
"id": "157799"
},
{
"date": "2020-05-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"date": "2020-05-13T03:15:11.200000",
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-181466"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3341"
},
{
"date": "2020-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005537"
},
{
"date": "2021-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-690"
},
{
"date": "2023-11-07T03:22:36.723000",
"db": "NVD",
"id": "CVE-2020-3341"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clam AntiVirus Input verification vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005537"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-690"
}
],
"trust": 0.6
}
}
var-202005-0717
Vulnerability from variot
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ========================================================================= Ubuntu Security Notice USN-4435-2 July 27, 2020
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)
It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary files. (CVE-2020-3350)
It was discovered that ClamAV incorrectly handled parsing EGG archives. (CVE-2020-3481)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4435-2 https://usn.ubuntu.com/4435-1 CVE-2020-3327, CVE-2020-3350, CVE-2020-3481
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0717",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "clam antivirus",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "0.102.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "clamav",
"scope": "eq",
"trust": 0.8,
"vendor": "clamav",
"version": "0.102.2"
},
{
"model": "clam antivirus",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "0.102.2"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.102.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3327"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158624"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
],
"trust": 1.0
},
"cve": "CVE-2020-3327",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005536",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181452",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3327",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005536",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-3327",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3327",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-005536",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-695",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-181452",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3327",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. =========================================================================\nUbuntu Security Notice USN-4435-2\nJuly 27, 2020\n\nclamav vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4435-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327)\n\n It was discovered that ClamAV incorrectly handled scanning malicious files. \n A local attacker could possibly use this issue to delete arbitrary files. \n (CVE-2020-3350)\n\n It was discovered that ClamAV incorrectly handled parsing EGG archives. (CVE-2020-3481)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n clamav 0.102.4+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n clamav 0.102.4+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://usn.ubuntu.com/4435-2\n https://usn.ubuntu.com/4435-1\n CVE-2020-3327, CVE-2020-3350, CVE-2020-3481\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158624"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3327",
"trust": 3.0
},
{
"db": "PACKETSTORM",
"id": "157799",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158626",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1831",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1775",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1758",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4350",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0056",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4540",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2558",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4412",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2704",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "157681",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158454",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "48917",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158624",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "157796",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-181452",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3327",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158624"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"id": "VAR-202005-0717",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181452"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:15:10.878000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ClamAV 0.102.3 security patch released",
"trust": 0.8,
"url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"
},
{
"title": "Clam AntiVirus Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=118727"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"
},
{
"trust": 1.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3327"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202007-23"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4370-1/"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4370-2/"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4435-1/"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4435-2/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3327"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157681/clam-antivirus-toolkit-0.102.3.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157799/ubuntu-security-notice-usn-4370-2.html"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48917"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158454/clam-antivirus-toolkit-0.102.4.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-three-vulnerabilities-32863"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158626/ubuntu-security-notice-usn-4435-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2558/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2704/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0056/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1758/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1831/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1775/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-denial-of-service-via-an-arj-archive-32251"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4370-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3341"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3481"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3350"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4435-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181942"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.19.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.16.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4435-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4370-2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158624"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181452"
},
{
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158624"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-181452"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"date": "2020-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"date": "2020-05-21T19:33:33",
"db": "PACKETSTORM",
"id": "157796"
},
{
"date": "2020-07-27T18:46:40",
"db": "PACKETSTORM",
"id": "158624"
},
{
"date": "2020-07-27T18:46:49",
"db": "PACKETSTORM",
"id": "158626"
},
{
"date": "2020-05-21T23:56:22",
"db": "PACKETSTORM",
"id": "157799"
},
{
"date": "2020-05-13T03:15:11.140000",
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"date": "2020-05-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-181452"
},
{
"date": "2020-08-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3327"
},
{
"date": "2020-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005536"
},
{
"date": "2023-11-07T03:22:36.483000",
"db": "NVD",
"id": "CVE-2020-3327"
},
{
"date": "2021-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "157796"
},
{
"db": "PACKETSTORM",
"id": "158626"
},
{
"db": "PACKETSTORM",
"id": "157799"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clam AntiVirus Input verification vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005536"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-695"
}
],
"trust": 0.6
}
}
var-201203-0144
Vulnerability from variot
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR Parser If it is announced that there is also a problem with the implementation of CVE May be split.Corresponding to the length field of the full entry and part of the header of the next entry by a third party TAR Malware detection may be bypassed through archive entries. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bit2defender 7. ============================================================================ Ubuntu Security Notice USN-1482-2 June 20, 2012
clamav regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
Summary:
ClamAV could improperly detect malware if it opened a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ClamAV incorrectly handled certain malformed TAR archives. (CVE-2012-1457, CVE-2012-1459)
It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. (CVE-2012-1458)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: clamav 0.97.5+dfsg-1ubuntu0.12.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.12.04.2
Ubuntu 11.10: clamav 0.97.5+dfsg-1ubuntu0.11.10.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.10.2
Ubuntu 11.04: clamav 0.97.5+dfsg-1ubuntu0.11.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.04.2
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1482-2 http://www.ubuntu.com/usn/usn-1482-1 https://launchpad.net/bugs/1015337
Package Information: https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2012:094 http://www.mandriva.com/security/
Package : clamav Date : June 18, 2012 Affected: Enterprise Server 5.0
Problem Description:
This is a bugfix release that upgrades clamav to the latest version (0.97.5) that resolves the following security issues:
The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459 http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5
Updated Packages:
Mandriva Enterprise Server 5: d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf OUr1QL5Wsvt3KboLKCdYUhE= =1QL7 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0144",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "virusbuster",
"scope": "eq",
"trust": 2.4,
"vendor": "virusbuster",
"version": "13.6.151.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 2.1,
"vendor": "comodo",
"version": "7424"
},
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "authentium",
"version": "5.2.11.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "avg",
"version": "10.0.0.1190"
},
{
"model": "bitdefender",
"scope": "eq",
"trust": 1.8,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.8,
"vendor": "clamav",
"version": "0.96.4"
},
{
"model": "anti-malware",
"scope": "eq",
"trust": 1.8,
"vendor": "emsisoft",
"version": "5.1.0.1"
},
{
"model": "virus utilities t3 command line scanner",
"scope": "eq",
"trust": 1.8,
"vendor": "ikarus",
"version": "1.1.97.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "jiangmin",
"version": "13.0.900"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "pc tools",
"version": "7.0.3.5"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "f secure",
"version": "9.0.16160.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "scan engine",
"scope": "eq",
"trust": 1.8,
"vendor": "mcafee",
"version": "5.400.0.1158"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "v3 internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "ahnlab",
"version": "2011.01.18.00"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "5.0.677.0"
},
{
"model": "housecall",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "nprotect",
"version": "2011-01-17.01"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "5795"
},
{
"model": "g data antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "gdata",
"version": "21"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "trend micro antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "f prot",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "k7computing",
"version": "9.77.3565"
},
{
"model": "quick heal",
"scope": "eq",
"trust": 1.0,
"vendor": "cat",
"version": "11.00"
},
{
"model": "vba32",
"scope": "eq",
"trust": 1.0,
"vendor": "anti virus",
"version": "3.12.14.2"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivir",
"scope": "eq",
"trust": 1.0,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "avast antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "alwil",
"version": "4.8.1351.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "4.8.1351.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "avast s r o",
"version": "5.0.677.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "avira",
"version": "7.11.1.163"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "nod32 anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "eset",
"version": "5795"
},
{
"model": "f-prot antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "frisk",
"version": "4.6.2.117"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "g data",
"version": "21"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "k7 computing",
"version": "9.77.3565"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "nprotect",
"version": "2011-01-17.01"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.8,
"vendor": "virusblokada",
"version": "3.12.14.2"
},
{
"model": "v3 internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "unlab",
"version": "2011.01.18.00"
},
{
"model": "heal",
"scope": "eq",
"trust": 0.8,
"vendor": "quick heal k k",
"version": "11.00"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2.0 antimalware engine 1.1.6402.0"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "vba32",
"scope": "eq",
"trust": 0.3,
"vendor": "virusblokada",
"version": "3.12.142"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "virusbuster",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "13.6.1510"
},
{
"model": "trend micro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20101.3103"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "pctools",
"version": "7.0.35"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.6402"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "7.0125"
},
{
"model": "computing pvt ltd k7antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "k7",
"version": "9.77.3565"
},
{
"model": "jiangmin",
"scope": "eq",
"trust": 0.3,
"vendor": "jiangmin",
"version": "13.0.900"
},
{
"model": "antivirus t3.1.1.97.0",
"scope": null,
"trust": 0.3,
"vendor": "ikarus",
"version": null
},
{
"model": "data software gdata",
"scope": "eq",
"trust": 0.3,
"vendor": "g",
"version": "21"
},
{
"model": "software f-prot antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "frisk",
"version": "4.6.2117"
},
{
"model": "nod32",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "5795"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11"
},
{
"model": "anti-virus clamav",
"scope": "eq",
"trust": 0.3,
"vendor": "clam",
"version": "0.96.4"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "7.2"
},
{
"model": "antivir engine",
"scope": "eq",
"trust": 0.3,
"vendor": "avira",
"version": "7.11.1163"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "avg",
"version": "10.01190"
},
{
"model": "avast5 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "5.0.6770"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "4.8.1351.0"
},
{
"model": "command antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "authentium",
"version": "5.2.115"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
},
{
"model": "engine",
"scope": "eq",
"trust": 0.3,
"vendor": "ahnlab",
"version": "v32011.01.18.00"
}
],
"sources": [
{
"db": "BID",
"id": "52623"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1459"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52623"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1459",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1459",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54740",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1459",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-422",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54740",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR Parser If it is announced that there is also a problem with the implementation of CVE May be split.Corresponding to the length field of the full entry and part of the header of the next entry by a third party TAR Malware detection may be bypassed through archive entries. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bit2defender 7. ============================================================================\nUbuntu Security Notice USN-1482-2\nJune 20, 2012\n\nclamav regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n\nSummary:\n\nClamAV could improperly detect malware if it opened a specially crafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail\nto install in certain situations. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled certain malformed TAR\n archives. (CVE-2012-1457,\n CVE-2012-1459)\n \n It was discovered that ClamAV incorrectly handled certain malformed CHM\n files. A remote attacker could create a specially-crafted CHM file\n containing malware that could escape being detected. (CVE-2012-1458)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n clamav 0.97.5+dfsg-1ubuntu0.12.04.2\n clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.2\n libclamav6 0.97.5+dfsg-1ubuntu0.12.04.2\n\nUbuntu 11.10:\n clamav 0.97.5+dfsg-1ubuntu0.11.10.2\n clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.2\n libclamav6 0.97.5+dfsg-1ubuntu0.11.10.2\n\nUbuntu 11.04:\n clamav 0.97.5+dfsg-1ubuntu0.11.04.2\n clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.2\n libclamav6 0.97.5+dfsg-1ubuntu0.11.04.2\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-1482-2\n http://www.ubuntu.com/usn/usn-1482-1\n https://launchpad.net/bugs/1015337\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2\n https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2012:094\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : clamav\n Date : June 18, 2012\n Affected: Enterprise Server 5.0\n _______________________________________________________________________\n\n Problem Description:\n\n This is a bugfix release that upgrades clamav to the latest version\n (0.97.5) that resolves the following security issues:\n \n The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass\n malware detection via a TAR archive entry with a length field that\n exceeds the total TAR file size. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459\n http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm\n 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm\n c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm\n d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm\n 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm\n 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm \n 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm \n 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf\nOUr1QL5Wsvt3KboLKCdYUhE=\n=1QL7\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "BID",
"id": "52623"
},
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "PACKETSTORM",
"id": "115619"
},
{
"db": "PACKETSTORM",
"id": "113895"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-54740",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1459",
"trust": 3.2
},
{
"db": "BID",
"id": "52623",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80396",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80389",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80391",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80403",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80395",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80390",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80392",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80393",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80409",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80406",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80407",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19231",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "113878",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "115619",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "113895",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-54740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113841",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "BID",
"id": "52623"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "PACKETSTORM",
"id": "115619"
},
{
"db": "PACKETSTORM",
"id": "113895"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"id": "VAR-201203-0144",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:08.445000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/"
},
{
"title": "Command Antivirus",
"trust": 0.8,
"url": "http://www.authentium.com/command/csavdownload.html"
},
{
"title": "avast! Antivirus",
"trust": 0.8,
"url": "https://www.avast.co.jp/index"
},
{
"title": "AVG Anti-Virus",
"trust": 0.8,
"url": "http://www.avgjapan.com/home-small-office-security/buy-antivirus"
},
{
"title": "AntiVir",
"trust": 0.8,
"url": "http://www.avira.com/"
},
{
"title": "Rising Antivirus",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Bitdefender",
"trust": 0.8,
"url": "http://www.bitdefender.com/"
},
{
"title": "ClamAV",
"trust": 0.8,
"url": "http://www.clamav.net/lang/en/"
},
{
"title": "Comodo Antivirus",
"trust": 0.8,
"url": "http://www.comodo.com/home/internet-security/antivirus.php"
},
{
"title": "Emsisoft Anti-Malware",
"trust": 0.8,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"title": "ESET NOD32\u30a2\u30f3\u30c1\u30a6\u30a4\u30eb\u30b9",
"trust": 0.8,
"url": "http://www.eset.com/us/"
},
{
"title": "Fortinet Antivirus",
"trust": 0.8,
"url": "http://www.fortinet.com/solutions/antivirus.html"
},
{
"title": "F-Prot Antivirus",
"trust": 0.8,
"url": "http://www.f-prot.com/index.html"
},
{
"title": "G Data AntiVirus",
"trust": 0.8,
"url": "http://www.gdata.co.jp/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ikarus.at/en/"
},
{
"title": "Jiangmin Antivirus",
"trust": 0.8,
"url": "http://global.jiangmin.com/"
},
{
"title": "K7 AntiVirus",
"trust": 0.8,
"url": "http://www.k7computing.com/en/consumer_home.php"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/us/products/web-gateway.aspx"
},
{
"title": "McAfee Scan Engine",
"trust": 0.8,
"url": "http://www.mcafee.com/us/support/support-eol-scan-engine.aspx"
},
{
"title": "Norman Antivirus",
"trust": 0.8,
"url": "http://www.norman.com/products/antivirus_antispyware/en"
},
{
"title": "nProtect Anti-Virus",
"trust": 0.8,
"url": "http://global.nprotect.com/product/avs.php"
},
{
"title": "openSUSE-SU-2012:0833",
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"title": "Panda Antivirus",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "PC Tools AntiVirus",
"trust": 0.8,
"url": "http://www.pctools.com/jp/spyware-doctor-antivirus/"
},
{
"title": "Quick Heal",
"trust": 0.8,
"url": "http://www.quickheal.com/"
},
{
"title": "Sophos Anti-Virus",
"trust": 0.8,
"url": "http://www.sophos.com/ja-jp/"
},
{
"title": "Endpoint Protection",
"trust": 0.8,
"url": "http://www.symantec.com/ja/jp/endpoint-protection"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/home/index.html"
},
{
"title": "Trend Micro HouseCall",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/tools/housecall/index.html"
},
{
"title": "VBA32",
"trust": 0.8,
"url": "http://anti-virus.by/en/index.shtml"
},
{
"title": "VirusBuster",
"trust": 0.8,
"url": "http://www.virusbuster.hu/en"
},
{
"title": "V3 Internet Security",
"trust": 0.8,
"url": "http://www.ahnlab.co.jp/product_service/product/b2b/v3is8.asp"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Microsoft Security Essentials",
"trust": 0.8,
"url": "http://windows.microsoft.com/ja-jp/windows/products/security-essentials"
},
{
"title": "F-Secure Anti-Virus",
"trust": 0.8,
"url": "http://www.f-secure.com/ja/web/home_jp/protection/anti-virus/overview"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52623"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2012:094"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80389"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80390"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80391"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80392"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80393"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80395"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80396"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80403"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80406"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80407"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80409"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1459"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1459"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19231"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1459"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1458"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.authentium.com"
},
{
"trust": 0.3,
"url": "http://www.avast.com"
},
{
"trust": 0.3,
"url": "http://www.avg.com"
},
{
"trust": 0.3,
"url": "http://www.avira.com/"
},
{
"trust": 0.3,
"url": "http://www.bitdefender.com"
},
{
"trust": 0.3,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"trust": 0.3,
"url": "http://eset.com"
},
{
"trust": 0.3,
"url": "http://www.f-prot.com/"
},
{
"trust": 0.3,
"url": "http://www.gdatasoftware.com"
},
{
"trust": 0.3,
"url": "http://www.ikarus.at"
},
{
"trust": 0.3,
"url": "http://global.jiangmin.com/"
},
{
"trust": 0.3,
"url": "http://www.k7computing.com/en/product/k7-antivirusplus.php"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pctools.com/spyware-doctor-antivirus/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.com/"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
},
{
"trust": 0.3,
"url": "http://anti-virus.by/en/index.shtml"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-1482-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1457"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.3"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1482-3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1015405"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1015337"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1482-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=changelog;hb=clamav-0.97.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1457"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1458"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "BID",
"id": "52623"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "PACKETSTORM",
"id": "115619"
},
{
"db": "PACKETSTORM",
"id": "113895"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54740"
},
{
"db": "BID",
"id": "52623"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"db": "PACKETSTORM",
"id": "115619"
},
{
"db": "PACKETSTORM",
"id": "113895"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54740"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52623"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"date": "2012-08-17T02:36:21",
"db": "PACKETSTORM",
"id": "115619"
},
{
"date": "2012-06-20T03:33:06",
"db": "PACKETSTORM",
"id": "113895"
},
{
"date": "2012-06-20T02:54:11",
"db": "PACKETSTORM",
"id": "113878"
},
{
"date": "2012-06-19T00:56:02",
"db": "PACKETSTORM",
"id": "113841"
},
{
"date": "2012-03-21T10:11:49.597000",
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-54740"
},
{
"date": "2015-04-13T22:00:00",
"db": "BID",
"id": "52623"
},
{
"date": "2012-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001869"
},
{
"date": "2018-01-18T02:29:13.273000",
"db": "NVD",
"id": "CVE-2012-1459"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "115619"
},
{
"db": "PACKETSTORM",
"id": "113895"
},
{
"db": "PACKETSTORM",
"id": "113878"
},
{
"db": "PACKETSTORM",
"id": "113841"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products TAR Vulnerability that prevents file parsers from detecting malware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001869"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-422"
}
],
"trust": 0.6
}
}
var-202001-0770
Vulnerability from variot
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. ========================================================================= Ubuntu Security Notice USN-4230-2 January 23, 2020
clamav vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
ClamAV could be made to crash if it opened a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled certain MIME messages.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4230-2 https://usn.ubuntu.com/4230-1 CVE-2019-15961 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-46
https://security.gentoo.org/
Severity: Low Title: ClamAV: Multiple vulnerabilities Date: March 19, 2020 Bugs: #702010, #708424 ID: 202003-46
Synopsis
Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition.
Background
ClamAV is a GPL virus scanner.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-antivirus/clamav < 0.102.2 >= 0.102.2
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.102.2"
References
[ 1 ] CVE-2019-15961 https://nvd.nist.gov/vuln/detail/CVE-2019-15961 [ 2 ] CVE-2020-3123 https://nvd.nist.gov/vuln/detail/CVE-2020-3123
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-46
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0770",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "clamav",
"scope": "lte",
"trust": 1.8,
"vendor": "clamav",
"version": "0.101.4"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.8,
"vendor": "clamav",
"version": "0.102.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1.2-023"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1.1-042"
},
{
"model": "e email security appliance",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.101.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,Tomasz Kojm,Gentoo",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.6
},
"cve": "CVE-2019-15961",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-15961",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-148060",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-15961",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-15961",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-15961",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1262",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-148060",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-15961",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. =========================================================================\nUbuntu Security Notice USN-4230-2\nJanuary 23, 2020\n\nclamav vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nClamAV could be made to crash if it opened a specially crafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4230-1 fixed a vulnerability in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled certain MIME messages. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n clamav 0.102.1+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://usn.ubuntu.com/4230-2\n https://usn.ubuntu.com/4230-1\n CVE-2019-15961\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202003-46\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: ClamAV: Multiple vulnerabilities\n Date: March 19, 2020\n Bugs: #702010, #708424\n ID: 202003-46\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in ClamAV, the worst of which\ncould result in a Denial of Service condition. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-antivirus/clamav \u003c 0.102.2 \u003e= 0.102.2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.102.2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2019-15961\n https://nvd.nist.gov/vuln/detail/CVE-2019-15961\n[ 2 ] CVE-2020-3123\n https://nvd.nist.gov/vuln/detail/CVE-2020-3123\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-46\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15961",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "155883",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156831",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156073",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0552",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4350",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4540",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0071.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0071",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4412",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4568",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155421",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-148060",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-15961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"id": "VAR-202001-0770",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
}
],
"trust": 0.53892258
},
"last_update_date": "2023-12-18T11:41:56.293000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bug 12380",
"trust": 0.8,
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"title": "Cisco Bug: CSCvr56010 - Opened to track: ClamAV for Cisco Email Security Appliance (ESA) Denial of Service Vulnerability",
"trust": 0.8,
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/cscvr56010"
},
{
"title": "Clam AntiVirus Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108207"
},
{
"title": "Ubuntu Security Notice: clamav vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4230-1"
},
{
"title": "Ubuntu Security Notice: clamav vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4230-2"
},
{
"title": "Debian CVElist Bug Report Logs: new upstream version 0.102.1 to fix CVE-2019-15961",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8d35b8b88a91d7df7c4a2aec03a4e3d1"
},
{
"title": "Amazon Linux AMI: ALAS-2020-1335",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2020-1335"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2019-15961 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"trust": 1.8,
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"trust": 1.8,
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/cscvr56010"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15961"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15961"
},
{
"trust": 0.7,
"url": "https://usn.ubuntu.com/4230-1/"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193177-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193176-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914236-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155421/clam-antivirus-toolkit-0.102.1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155883/ubuntu-security-notice-usn-4230-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0071/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4568/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0071.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0552/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-denial-of-service-via-mime-messages-parsing-30920"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156831/gentoo-linux-security-advisory-202003-46.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156073/ubuntu-security-notice-usn-4230-2.html"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4230-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110968"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4230-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3123"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.16.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.18.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.10.2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-148060"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"date": "2020-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"date": "2020-01-23T19:19:09",
"db": "PACKETSTORM",
"id": "156073"
},
{
"date": "2020-03-19T22:01:09",
"db": "PACKETSTORM",
"id": "156831"
},
{
"date": "2020-01-08T16:53:54",
"db": "PACKETSTORM",
"id": "155883"
},
{
"date": "2020-01-15T19:15:13.317000",
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-19T00:00:00",
"db": "VULHUB",
"id": "VHN-148060"
},
{
"date": "2022-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"date": "2020-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"date": "2022-10-19T18:54:05.470000",
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"date": "2020-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clam AntiVirus software Vulnerabilities related to resource exhaustion",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.6
}
}
var-202205-0218
Vulnerability from variot
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ========================================================================== Ubuntu Security Notice USN-5423-2 May 17, 2022
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5423-2 https://ubuntu.com/security/notices/USN-5423-1 CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01
https://security.gentoo.org/
Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01
Synopsis
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.
Background
ClamAV is a GPL virus scanner.
Affected packages
Package Vulnerable Unaffected
app-antivirus/clamav < 0.103.7 >= 0.103.7
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
References
[ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.16.3"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5.5"
},
{
"model": "clamav",
"scope": "gte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.0"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.17.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "secure endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.2"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "cisco secure endpoint",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "clamav",
"scope": null,
"trust": 0.8,
"vendor": "clamav",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
}
],
"trust": 0.2
},
"cve": "CVE-2022-20771",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20771",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-405324",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20771",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-20771",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20771",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-2064",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-405324",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-20771",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405324"
},
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ==========================================================================\nUbuntu Security Notice USN-5423-2\nMay 17, 2022\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-5423-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. \n\n\nOriginal advisory details:\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing CHM files. \n A remote attacker could possibly use this issue to cause ClamAV to stop\n responding, resulting in a denial of service. (CVE-2022-20770)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing TIFF\n files. A remote attacker could possibly use this issue to cause ClamAV to\n stop responding, resulting in a denial of service. (CVE-2022-20771)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing HTML\n files. A remote attacker could possibly use this issue to cause ClamAV to\n consume resources, resulting in a denial of service. (CVE-2022-20785)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled loading the\n signature database. A remote attacker could possibly use this issue to\n cause ClamAV to crash, resulting in a denial of service, or possibly\n execute arbitrary code. (CVE-2022-20792)\n\n Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly\n handled the scan verdict cache check. A remote attacker could possibly use\n this issue to cause ClamAV to crash, resulting in a denial of service, or\n possibly execute arbitrary code.(CVE-2022-20796)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1\n\nUbuntu 14.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5423-2\n https://ubuntu.com/security/notices/USN-5423-1\n CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,\n CVE-2022-20796\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ClamAV: Multiple Vulnerabilities\n Date: October 01, 2023\n Bugs: #831083, #842813, #894672\n ID: 202310-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ClamAV, the worst of\nwhich could result in remote code execution. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\napp-antivirus/clamav \u003c 0.103.7 \u003e= 0.103.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.103.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-20698\n https://nvd.nist.gov/vuln/detail/CVE-2022-20698\n[ 2 ] CVE-2022-20770\n https://nvd.nist.gov/vuln/detail/CVE-2022-20770\n[ 3 ] CVE-2022-20771\n https://nvd.nist.gov/vuln/detail/CVE-2022-20771\n[ 4 ] CVE-2022-20785\n https://nvd.nist.gov/vuln/detail/CVE-2022-20785\n[ 5 ] CVE-2022-20792\n https://nvd.nist.gov/vuln/detail/CVE-2022-20792\n[ 6 ] CVE-2022-20796\n https://nvd.nist.gov/vuln/detail/CVE-2022-20796\n[ 7 ] CVE-2022-20803\n https://nvd.nist.gov/vuln/detail/CVE-2022-20803\n[ 8 ] CVE-2023-20032\n https://nvd.nist.gov/vuln/detail/CVE-2023-20032\n[ 9 ] CVE-2023-20052\n https://nvd.nist.gov/vuln/detail/CVE-2023-20052\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "VULHUB",
"id": "VHN-405324"
},
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20771",
"trust": 3.7
},
{
"db": "PACKETSTORM",
"id": "167199",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167211",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.2431",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2362",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2784",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051836",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051732",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050437",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-64262",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-405324",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-20771",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405324"
},
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"id": "VAR-202205-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-405324"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T01:35:37.050000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2022-0ac71a8f3a Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://www.clamav.net/"
},
{
"title": "ClamAV Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=191378"
},
{
"title": "Cisco: ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: May 2022",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-clamav-dos-zazbwrvg"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2022-20771"
},
{
"title": "Ubuntu Security Notice: USN-5423-1: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-1"
},
{
"title": "Ubuntu Security Notice: USN-5423-2: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-2"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1621",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2022-1621"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-090",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-090"
},
{
"title": "Amazon Linux 2022: ALAS-2022-229",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas-2022-229"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-dos-zazbwrvg"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20771"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050437"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-multiple-vulnerabilities-38245"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051836"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2362"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20771/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167199/ubuntu-security-notice-usn-5423-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2431"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167211/ubuntu-security-notice-usn-5423-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2784"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051732"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-5423-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20770"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20796"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20792"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20785"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-dos-zazbwrvg"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5423-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.21.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20052"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20698"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405324"
},
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-405324"
},
{
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-405324"
},
{
"date": "2022-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"date": "2023-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"date": "2022-05-18T16:36:26",
"db": "PACKETSTORM",
"id": "167211"
},
{
"date": "2022-05-17T17:12:26",
"db": "PACKETSTORM",
"id": "167199"
},
{
"date": "2023-10-02T15:09:41",
"db": "PACKETSTORM",
"id": "174873"
},
{
"date": "2022-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"date": "2022-05-04T17:15:08.440000",
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-01T00:00:00",
"db": "VULHUB",
"id": "VHN-405324"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20771"
},
{
"date": "2023-08-16T04:37:00",
"db": "JVNDB",
"id": "JVNDB-2022-010586"
},
{
"date": "2022-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2064"
},
{
"date": "2023-11-07T03:42:54.193000",
"db": "NVD",
"id": "CVE-2022-20771"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ClamAV\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010586"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-2064"
}
],
"trust": 0.6
}
}
var-202302-1452
Vulnerability from variot
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:
A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.
This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.
For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"]. Cisco Systems Cisco Secure Endpoint Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy. ========================================================================== Ubuntu Security Notice USN-5887-1 February 27, 2023
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
Simon Scannell discovered that ClamAV incorrectly handled parsing HFS+ files. (CVE-2023-20032)
Simon Scannell discovered that ClamAV incorrectly handled parsing DMG files. A remote attacker could possibly use this issue to expose sensitive information. (CVE-2023-20052)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10: clamav 0.103.8+dfsg-0ubuntu0.22.10.1
Ubuntu 22.04 LTS: clamav 0.103.8+dfsg-0ubuntu0.22.04.1
Ubuntu 20.04 LTS: clamav 0.103.8+dfsg-0ubuntu0.20.04.1
Ubuntu 18.04 LTS: clamav 0.103.8+dfsg-0ubuntu0.18.04.1
Ubuntu 16.04 ESM: clamav 0.103.8+dfsg-0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM: clamav 0.103.8+dfsg-0ubuntu0.14.04.1+esm1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5887-1 CVE-2023-20032, CVE-2023-20052
Package Information: https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.10.1 https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.18.04.1
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01
https://security.gentoo.org/
Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01
Synopsis
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.
Background
ClamAV is a GPL virus scanner.
Affected packages
Package Vulnerable Unaffected
app-antivirus/clamav < 0.103.7 >= 0.103.7
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
References
[ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202302-1452",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "network security",
"scope": "gte",
"trust": 1.0,
"vendor": "stormshield",
"version": "4.4.0"
},
{
"model": "network security",
"scope": "lt",
"trust": 1.0,
"vendor": "stormshield",
"version": "4.6.4"
},
{
"model": "web security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0.4-005"
},
{
"model": "secure endpoint private cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6.0"
},
{
"model": "web security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.0.0"
},
{
"model": "web security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0.0"
},
{
"model": "clamav",
"scope": "gte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.0"
},
{
"model": "network security",
"scope": "lt",
"trust": 1.0,
"vendor": "stormshield",
"version": "3.7.35"
},
{
"model": "network security",
"scope": "gte",
"trust": 1.0,
"vendor": "stormshield",
"version": "3.0.0"
},
{
"model": "network security",
"scope": "lt",
"trust": 1.0,
"vendor": "stormshield",
"version": "3.11.23"
},
{
"model": "web security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "15.0.0-254"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.20.2"
},
{
"model": "web security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14.5.1-013"
},
{
"model": "network security",
"scope": "gte",
"trust": 1.0,
"vendor": "stormshield",
"version": "3.8.0"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "1.0.0"
},
{
"model": "network security",
"scope": "gte",
"trust": 1.0,
"vendor": "stormshield",
"version": "4.3.0"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "8.1.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5.9"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.21.1"
},
{
"model": "secure endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "8.0.1.21160"
},
{
"model": "web security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5.6"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.105.1"
},
{
"model": "web security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.5.0"
},
{
"model": "network security",
"scope": "lt",
"trust": 1.0,
"vendor": "stormshield",
"version": "4.3.17"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.7"
},
{
"model": "cisco web \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a2\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "clamav",
"scope": null,
"trust": 0.8,
"vendor": "clamav",
"version": null
},
{
"model": "network security",
"scope": null,
"trust": 0.8,
"vendor": "stormshield",
"version": null
},
{
"model": "cisco secure endpoint private cloud",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco secure endpoint",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.0.0-254",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.5.1-013",
"versionStartIncluding": "14.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.4-005",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.5.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "8.1.5",
"versionStartIncluding": "8.0.1.21160",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.20.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:1.0.0:rc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:1.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:1.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.103.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.105.1",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.6.4",
"versionStartIncluding": "4.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3.17",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.11.23",
"versionStartIncluding": "3.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.7.35",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "171129"
}
],
"trust": 0.1
},
"cve": "CVE-2023-20032",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-20032",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-20032",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20032",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202302-1351",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. \r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. \r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]. Cisco Systems Cisco Secure Endpoint Products from other vendors have out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \nThis advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy. ==========================================================================\nUbuntu Security Notice USN-5887-1\nFebruary 27, 2023\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nSimon Scannell discovered that ClamAV incorrectly handled parsing\nHFS+ files. (CVE-2023-20032)\n\nSimon Scannell discovered that ClamAV incorrectly handled parsing\nDMG files. A remote attacker could possibly use this issue\nto expose sensitive information. (CVE-2023-20052)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.10:\n clamav 0.103.8+dfsg-0ubuntu0.22.10.1\n\nUbuntu 22.04 LTS:\n clamav 0.103.8+dfsg-0ubuntu0.22.04.1\n\nUbuntu 20.04 LTS:\n clamav 0.103.8+dfsg-0ubuntu0.20.04.1\n\nUbuntu 18.04 LTS:\n clamav 0.103.8+dfsg-0ubuntu0.18.04.1\n\nUbuntu 16.04 ESM:\n clamav 0.103.8+dfsg-0ubuntu0.16.04.1+esm1\n\nUbuntu 14.04 ESM:\n clamav 0.103.8+dfsg-0ubuntu0.14.04.1+esm1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5887-1\n CVE-2023-20032, CVE-2023-20052\n\nPackage Information:\nhttps://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.10.1\nhttps://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.04.1\nhttps://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.20.04.1\nhttps://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.18.04.1\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ClamAV: Multiple Vulnerabilities\n Date: October 01, 2023\n Bugs: #831083, #842813, #894672\n ID: 202310-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ClamAV, the worst of\nwhich could result in remote code execution. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\napp-antivirus/clamav \u003c 0.103.7 \u003e= 0.103.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.103.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-20698\n https://nvd.nist.gov/vuln/detail/CVE-2022-20698\n[ 2 ] CVE-2022-20770\n https://nvd.nist.gov/vuln/detail/CVE-2022-20770\n[ 3 ] CVE-2022-20771\n https://nvd.nist.gov/vuln/detail/CVE-2022-20771\n[ 4 ] CVE-2022-20785\n https://nvd.nist.gov/vuln/detail/CVE-2022-20785\n[ 5 ] CVE-2022-20792\n https://nvd.nist.gov/vuln/detail/CVE-2022-20792\n[ 6 ] CVE-2022-20796\n https://nvd.nist.gov/vuln/detail/CVE-2022-20796\n[ 7 ] CVE-2022-20803\n https://nvd.nist.gov/vuln/detail/CVE-2022-20803\n[ 8 ] CVE-2023-20032\n https://nvd.nist.gov/vuln/detail/CVE-2023-20032\n[ 9 ] CVE-2023-20052\n https://nvd.nist.gov/vuln/detail/CVE-2023-20052\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20032"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "VULMON",
"id": "CVE-2023-20032"
},
{
"db": "PACKETSTORM",
"id": "171129"
},
{
"db": "PACKETSTORM",
"id": "174873"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20032",
"trust": 3.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2023.0953",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.1077",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20032"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "PACKETSTORM",
"id": "171129"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"id": "VAR-202302-1452",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44624132
},
"last_update_date": "2024-01-29T19:09:25.031000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-clamav-q8DThCy",
"trust": 0.8,
"url": "https://www.clamav.net/"
},
{
"title": "ClamAV Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=228436"
},
{
"title": "Debian CVElist Bug Report Logs: clamav: 2 RCE bugs in ClamAV 0.103 (+ 1.0.0), CVE-2023-20032/CVE-2023-20052",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=72b1e54f904f4b9ca82d85ff39559617"
},
{
"title": "Cisco: ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-clamav-q8dthcy"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/marekbeckmann/clamav-installation-script "
},
{
"title": null,
"trust": 0.1,
"url": "https://www.theregister.co.uk/2023/02/17/cisco_clamav_critical_flaw/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20032"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-q8dthcy"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20032"
},
{
"trust": 0.9,
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20032/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.0953"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1077"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20052"
},
{
"trust": 0.1,
"url": "https://github.com/marekbeckmann/clamav-installation-script"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5887-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.8+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20792"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20785"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20771"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20770"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20698"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20032"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "PACKETSTORM",
"id": "171129"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-20032"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"db": "PACKETSTORM",
"id": "171129"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"date": "2023-02-27T14:51:49",
"db": "PACKETSTORM",
"id": "171129"
},
{
"date": "2023-10-02T15:09:41",
"db": "PACKETSTORM",
"id": "174873"
},
{
"date": "2023-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"date": "2023-03-01T08:15:11.907000",
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-06T01:15:00",
"db": "JVNDB",
"id": "JVNDB-2023-004930"
},
{
"date": "2023-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-1351"
},
{
"date": "2024-01-25T17:15:25.840000",
"db": "NVD",
"id": "CVE-2023-20032"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "171129"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Systems \u00a0Cisco\u00a0Secure\u00a0Endpoint\u00a0 Out-of-Bounds Write Vulnerability in Other Vendors\u0027 Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-004930"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-1351"
}
],
"trust": 0.6
}
}
var-202205-0215
Vulnerability from variot
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. Clam AntiVirus (ClamAV) for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ========================================================================== Ubuntu Security Notice USN-5423-2 May 17, 2022
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5423-2 https://ubuntu.com/security/notices/USN-5423-1 CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01
https://security.gentoo.org/
Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01
Synopsis
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.
Background
ClamAV is a GPL virus scanner.
Affected packages
Package Vulnerable Unaffected
app-antivirus/clamav < 0.103.7 >= 0.103.7
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
References
[ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0215",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.16.3"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5.5"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.1"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.17.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "secure endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.4"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.2"
},
{
"model": "cisco secure endpoint",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "clamav",
"scope": null,
"trust": 0.8,
"vendor": "clamav",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.103.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.103.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.104.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.104.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
}
],
"trust": 0.2
},
"cve": "CVE-2022-20796",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20796",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-405349",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20796",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-20796",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20796",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-2060",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-405349",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-20796",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. Clam AntiVirus (ClamAV) for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. ==========================================================================\nUbuntu Security Notice USN-5423-2\nMay 17, 2022\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-5423-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. \n\n\nOriginal advisory details:\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing CHM files. \n A remote attacker could possibly use this issue to cause ClamAV to stop\n responding, resulting in a denial of service. (CVE-2022-20770)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing TIFF\n files. A remote attacker could possibly use this issue to cause ClamAV to\n stop responding, resulting in a denial of service. (CVE-2022-20771)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing HTML\n files. A remote attacker could possibly use this issue to cause ClamAV to\n consume resources, resulting in a denial of service. (CVE-2022-20785)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled loading the\n signature database. A remote attacker could possibly use this issue to\n cause ClamAV to crash, resulting in a denial of service, or possibly\n execute arbitrary code. (CVE-2022-20792)\n\n Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly\n handled the scan verdict cache check. A remote attacker could possibly use\n this issue to cause ClamAV to crash, resulting in a denial of service, or\n possibly execute arbitrary code.(CVE-2022-20796)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1\n\nUbuntu 14.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5423-2\n https://ubuntu.com/security/notices/USN-5423-1\n CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,\n CVE-2022-20796\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ClamAV: Multiple Vulnerabilities\n Date: October 01, 2023\n Bugs: #831083, #842813, #894672\n ID: 202310-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ClamAV, the worst of\nwhich could result in remote code execution. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\napp-antivirus/clamav \u003c 0.103.7 \u003e= 0.103.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.103.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-20698\n https://nvd.nist.gov/vuln/detail/CVE-2022-20698\n[ 2 ] CVE-2022-20770\n https://nvd.nist.gov/vuln/detail/CVE-2022-20770\n[ 3 ] CVE-2022-20771\n https://nvd.nist.gov/vuln/detail/CVE-2022-20771\n[ 4 ] CVE-2022-20785\n https://nvd.nist.gov/vuln/detail/CVE-2022-20785\n[ 5 ] CVE-2022-20792\n https://nvd.nist.gov/vuln/detail/CVE-2022-20792\n[ 6 ] CVE-2022-20796\n https://nvd.nist.gov/vuln/detail/CVE-2022-20796\n[ 7 ] CVE-2022-20803\n https://nvd.nist.gov/vuln/detail/CVE-2022-20803\n[ 8 ] CVE-2023-20032\n https://nvd.nist.gov/vuln/detail/CVE-2023-20032\n[ 9 ] CVE-2023-20052\n https://nvd.nist.gov/vuln/detail/CVE-2023-20052\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20796",
"trust": 3.7
},
{
"db": "PACKETSTORM",
"id": "167211",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167199",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.2784",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2431",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2362",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051836",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050437",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051732",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-64259",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-405349",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-20796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"id": "VAR-202205-0215",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-405349"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T01:35:36.962000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2022-0ac71a8f3a Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://www.clamav.net/"
},
{
"title": "ClamAV Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=243165"
},
{
"title": "Cisco: ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: May 2022",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-clamav-dos-vl9x58p4"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2022-20796"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2022-20796"
},
{
"title": "Ubuntu Security Notice: USN-5423-1: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-1"
},
{
"title": "Ubuntu Security Notice: USN-5423-2: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-2"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1621",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2022-1621"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-090",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-090"
},
{
"title": "Amazon Linux 2022: ALAS-2022-229",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas-2022-229"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-dos-vl9x58p4"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20796"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050437"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-multiple-vulnerabilities-38245"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051836"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20796/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2362"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167199/ubuntu-security-notice-usn-5423-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2431"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167211/ubuntu-security-notice-usn-5423-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2784"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051732"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-5423-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20770"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20771"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20792"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20785"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5423-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.21.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20052"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20698"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-405349"
},
{
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-405349"
},
{
"date": "2022-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"date": "2023-08-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"date": "2022-05-18T16:36:26",
"db": "PACKETSTORM",
"id": "167211"
},
{
"date": "2022-05-17T17:12:26",
"db": "PACKETSTORM",
"id": "167199"
},
{
"date": "2023-10-02T15:09:41",
"db": "PACKETSTORM",
"id": "174873"
},
{
"date": "2022-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"date": "2022-05-04T17:15:08.797000",
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-01T00:00:00",
"db": "VULHUB",
"id": "VHN-405349"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20796"
},
{
"date": "2023-08-14T01:51:00",
"db": "JVNDB",
"id": "JVNDB-2022-010228"
},
{
"date": "2023-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2060"
},
{
"date": "2023-11-07T03:42:58.520000",
"db": "NVD",
"id": "CVE-2022-20796"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clam\u00a0AntiVirus\u00a0 In \u00a0NULL\u00a0 Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010228"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-2060"
}
],
"trust": 0.6
}
}
var-202205-0219
Vulnerability from variot
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. There is a resource management error vulnerability in Clam AntiVirus, which can be used by attackers to implement denial of service attacks. ========================================================================== Ubuntu Security Notice USN-5423-2 May 17, 2022
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the signature database. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly handled the scan verdict cache check. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.(CVE-2022-20796)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1
Ubuntu 14.04 ESM: clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5423-2 https://ubuntu.com/security/notices/USN-5423-1 CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202310-01
https://security.gentoo.org/
Severity: Normal Title: ClamAV: Multiple Vulnerabilities Date: October 01, 2023 Bugs: #831083, #842813, #894672 ID: 202310-01
Synopsis
Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.
Background
ClamAV is a GPL virus scanner.
Affected packages
Package Vulnerable Unaffected
app-antivirus/clamav < 0.103.7 >= 0.103.7
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.103.7"
References
[ 1 ] CVE-2022-20698 https://nvd.nist.gov/vuln/detail/CVE-2022-20698 [ 2 ] CVE-2022-20770 https://nvd.nist.gov/vuln/detail/CVE-2022-20770 [ 3 ] CVE-2022-20771 https://nvd.nist.gov/vuln/detail/CVE-2022-20771 [ 4 ] CVE-2022-20785 https://nvd.nist.gov/vuln/detail/CVE-2022-20785 [ 5 ] CVE-2022-20792 https://nvd.nist.gov/vuln/detail/CVE-2022-20792 [ 6 ] CVE-2022-20796 https://nvd.nist.gov/vuln/detail/CVE-2022-20796 [ 7 ] CVE-2022-20803 https://nvd.nist.gov/vuln/detail/CVE-2022-20803 [ 8 ] CVE-2023-20032 https://nvd.nist.gov/vuln/detail/CVE-2023-20032 [ 9 ] CVE-2023-20052 https://nvd.nist.gov/vuln/detail/CVE-2023-20052
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202310-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202205-0219",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.16.3"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.103.5"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5.5"
},
{
"model": "clamav",
"scope": "gte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.0"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.17.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "clamav",
"scope": "lte",
"trust": 1.0,
"vendor": "clamav",
"version": "0.104.2"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"model": "secure endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "secure endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.18.2"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "cisco secure endpoint",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "clamav",
"scope": null,
"trust": 0.8,
"vendor": "clamav",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.103.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.104.2",
"versionStartIncluding": "0.104.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "7.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.18.2",
"versionStartIncluding": "1.18.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
}
],
"trust": 0.2
},
"cve": "CVE-2022-20770",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20770",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-405323",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-20770",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-20770",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20770",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202205-2065",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-405323",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-20770",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405323"
},
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available. ClamAV Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. Clam AntiVirus is an open source antivirus engine for detecting Trojans, viruses, malware and other malicious threats. There is a resource management error vulnerability in Clam AntiVirus, which can be used by attackers to implement denial of service attacks. ==========================================================================\nUbuntu Security Notice USN-5423-2\nMay 17, 2022\n\nclamav vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-5423-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. \n\n\nOriginal advisory details:\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing CHM files. \n A remote attacker could possibly use this issue to cause ClamAV to stop\n responding, resulting in a denial of service. (CVE-2022-20770)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing TIFF\n files. A remote attacker could possibly use this issue to cause ClamAV to\n stop responding, resulting in a denial of service. (CVE-2022-20771)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled parsing HTML\n files. A remote attacker could possibly use this issue to cause ClamAV to\n consume resources, resulting in a denial of service. (CVE-2022-20785)\n\n Micha\u0142 Dardas discovered that ClamAV incorrectly handled loading the\n signature database. A remote attacker could possibly use this issue to\n cause ClamAV to crash, resulting in a denial of service, or possibly\n execute arbitrary code. (CVE-2022-20792)\n\n Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly\n handled the scan verdict cache check. A remote attacker could possibly use\n this issue to cause ClamAV to crash, resulting in a denial of service, or\n possibly execute arbitrary code.(CVE-2022-20796)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.16.04.1+esm1\n\nUbuntu 14.04 ESM:\n clamav 0.103.6+dfsg-0ubuntu0.14.04.1+esm1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5423-2\n https://ubuntu.com/security/notices/USN-5423-1\n CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,\n CVE-2022-20796\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202310-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: ClamAV: Multiple Vulnerabilities\n Date: October 01, 2023\n Bugs: #831083, #842813, #894672\n ID: 202310-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in ClamAV, the worst of\nwhich could result in remote code execution. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n-------------------- ------------ ------------\napp-antivirus/clamav \u003c 0.103.7 \u003e= 0.103.7\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.103.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-20698\n https://nvd.nist.gov/vuln/detail/CVE-2022-20698\n[ 2 ] CVE-2022-20770\n https://nvd.nist.gov/vuln/detail/CVE-2022-20770\n[ 3 ] CVE-2022-20771\n https://nvd.nist.gov/vuln/detail/CVE-2022-20771\n[ 4 ] CVE-2022-20785\n https://nvd.nist.gov/vuln/detail/CVE-2022-20785\n[ 5 ] CVE-2022-20792\n https://nvd.nist.gov/vuln/detail/CVE-2022-20792\n[ 6 ] CVE-2022-20796\n https://nvd.nist.gov/vuln/detail/CVE-2022-20796\n[ 7 ] CVE-2022-20803\n https://nvd.nist.gov/vuln/detail/CVE-2022-20803\n[ 8 ] CVE-2023-20032\n https://nvd.nist.gov/vuln/detail/CVE-2023-20032\n[ 9 ] CVE-2023-20052\n https://nvd.nist.gov/vuln/detail/CVE-2023-20052\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202310-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "VULHUB",
"id": "VHN-405323"
},
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20770",
"trust": 3.7
},
{
"db": "PACKETSTORM",
"id": "167199",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167211",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.2431",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2362",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2784",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051836",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051732",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050437",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2022-64261",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-405323",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-20770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174873",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405323"
},
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"id": "VAR-202205-0219",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-405323"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-13T01:35:37.005000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FEDORA-2022-0ac71a8f3a Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://www.clamav.net/"
},
{
"title": "ClamAV Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=191379"
},
{
"title": "Cisco: ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: May 2022",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-clamav-dos-prvgchld"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2022-20770"
},
{
"title": "Ubuntu Security Notice: USN-5423-1: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-1"
},
{
"title": "Ubuntu Security Notice: USN-5423-2: ClamAV vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5423-2"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1621",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2022-1621"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-090",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-090"
},
{
"title": "Amazon Linux 2022: ALAS-2022-229",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas-2022-229"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-dos-prvgchld"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/202310-01"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20770"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/n4nnbijvg6z4pdikuzxtyxicyuayaz56/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bx5zxnhp4nfyq5bfsky3wt7ntbzuyg7l/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rv6bliatije74sq6ng5zc4jk5mmdq2r/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050437"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-multiple-vulnerabilities-38245"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051836"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20770/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2362"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167199/ubuntu-security-notice-usn-5423-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2431"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167211/ubuntu-security-notice-usn-5423-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2784"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051732"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-5423-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20771"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20796"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20792"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20785"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-clamav-dos-prvgchld"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5423-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.21.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.103.6+dfsg-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20052"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20698"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405323"
},
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-405323"
},
{
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-405323"
},
{
"date": "2022-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"date": "2023-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"date": "2022-05-18T16:36:26",
"db": "PACKETSTORM",
"id": "167211"
},
{
"date": "2022-05-17T17:12:26",
"db": "PACKETSTORM",
"id": "167199"
},
{
"date": "2023-10-02T15:09:41",
"db": "PACKETSTORM",
"id": "174873"
},
{
"date": "2022-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"date": "2022-05-04T17:15:08.377000",
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-01T00:00:00",
"db": "VULHUB",
"id": "VHN-405323"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20770"
},
{
"date": "2023-08-16T04:43:00",
"db": "JVNDB",
"id": "JVNDB-2022-010587"
},
{
"date": "2022-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202205-2065"
},
{
"date": "2023-11-07T03:42:53.957000",
"db": "NVD",
"id": "CVE-2022-20770"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "167211"
},
{
"db": "PACKETSTORM",
"id": "167199"
},
{
"db": "PACKETSTORM",
"id": "174873"
},
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ClamAV\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-010587"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202205-2065"
}
],
"trust": 0.6
}
}