FKIE_CVE-2014-9050

Vulnerability from fkie_nvd - Published: 2014-12-01 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
References
cve@mitre.orghttp://blog.clamav.net/2014/11/clamav-0985-has-been-released.htmlVendor Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html
cve@mitre.orghttp://secunia.com/advisories/59645
cve@mitre.orghttp://secunia.com/advisories/62542
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2014/11/22/1
cve@mitre.orghttp://www.securityfocus.com/bid/71242
cve@mitre.orghttp://www.securitytracker.com/id/1031268
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2423-1Patch, Vendor Advisory
cve@mitre.orghttps://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91eExploit
af854a3a-2127-422b-91ae-364da2661108http://blog.clamav.net/2014/11/clamav-0985-has-been-released.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59645
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/62542
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/11/22/1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/71242
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031268
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2423-1Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91eExploit
Impacted products
Vendor Product Version
clamav clamav *
clamav clamav 0.01
clamav clamav 0.02
clamav clamav 0.3
clamav clamav 0.03
clamav clamav 0.05
clamav clamav 0.8
clamav clamav 0.9
clamav clamav 0.10
clamav clamav 0.12
clamav clamav 0.13
clamav clamav 0.14
clamav clamav 0.14
clamav clamav 0.15
clamav clamav 0.20
clamav clamav 0.21
clamav clamav 0.22
clamav clamav 0.23
clamav clamav 0.24
clamav clamav 0.51
clamav clamav 0.52
clamav clamav 0.53
clamav clamav 0.54
clamav clamav 0.60
clamav clamav 0.60p
clamav clamav 0.65
clamav clamav 0.66
clamav clamav 0.67
clamav clamav 0.67-1
clamav clamav 0.68
clamav clamav 0.68.1
clamav clamav 0.70
clamav clamav 0.70
clamav clamav 0.71
clamav clamav 0.72
clamav clamav 0.73
clamav clamav 0.74
clamav clamav 0.75
clamav clamav 0.75.1
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80
clamav clamav 0.80_rc
clamav clamav 0.81
clamav clamav 0.81
clamav clamav 0.82
clamav clamav 0.83
clamav clamav 0.84
clamav clamav 0.84
clamav clamav 0.84
clamav clamav 0.85
clamav clamav 0.85.1
clamav clamav 0.86
clamav clamav 0.86
clamav clamav 0.86.1
clamav clamav 0.86.2
clamav clamav 0.87
clamav clamav 0.87.1
clamav clamav 0.88
clamav clamav 0.88.1
clamav clamav 0.88.2
clamav clamav 0.88.3
clamav clamav 0.88.4
clamav clamav 0.88.5
clamav clamav 0.88.6
clamav clamav 0.88.7
clamav clamav 0.88.7_p0
clamav clamav 0.88.7_p1
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90
clamav clamav 0.90.1
clamav clamav 0.90.1_p0
clamav clamav 0.90.2
clamav clamav 0.90.2_p0
clamav clamav 0.90.3
clamav clamav 0.90.3_p0
clamav clamav 0.90.3_p1
clamav clamav 0.91
clamav clamav 0.91
clamav clamav 0.91
clamav clamav 0.91.1
clamav clamav 0.91.2
clamav clamav 0.91.2_p0
clamav clamav 0.92
clamav clamav 0.92.1
clamav clamav 0.92_p0
clamav clamav 0.93
clamav clamav 0.93.1
clamav clamav 0.93.2
clamav clamav 0.93.3
clamav clamav 0.94
clamav clamav 0.94.1
clamav clamav 0.94.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB90B433-1628-4D60-A48B-FBA140542E0A",
              "versionEndIncluding": "0.94.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
              "matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
              "matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
              "matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
              "matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
              "matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
              "matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
    },
    {
      "lang": "es",
      "value": "El desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versi\u00f3n 0.98.5, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo y0da Crypter PE dise\u00f1ado."
    }
  ],
  "id": "CVE-2014-9050",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-01T15:59:10.797",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/59645"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62542"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/71242"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031268"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2423-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/71242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2423-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.