var-202006-1143
Vulnerability from variot

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working. Cisco AMP for Endpoints is a set of terminal applications from Cisco, which integrates static and dynamic malware analysis and threat intelligence. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ========================================================================= Ubuntu Security Notice USN-4435-2 July 27, 2020

clamav vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in ClamAV.

Software Description: - clamav: Anti-virus utility for Unix

Details:

USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3350)

It was discovered that ClamAV incorrectly handled parsing EGG archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3481)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References: https://usn.ubuntu.com/4435-2 https://usn.ubuntu.com/4435-1 CVE-2020-3327, CVE-2020-3350, CVE-2020-3481

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1143",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "18.04"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "31"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "advanced malware protection for endpoints",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.12.4"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "32"
      },
      {
        "model": "clam antivirus",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "0.102.4"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "16.04"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "20.04"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "14.04"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "12.04"
      },
      {
        "model": "amp for endpoints",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "clam antivirus",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:advanced_malware_protection_for_endpoints:*:*:*:*:*:mac_os:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.12.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:advanced_malware_protection_for_endpoints:*:*:*:*:*:linux:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.12.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "0.102.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "db": "PACKETSTORM",
        "id": "158626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2020-3350",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.4,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 3.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006926",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.4,
            "id": "VHN-181475",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.0,
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ykramarz@cisco.com",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006926",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-3350",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "ykramarz@cisco.com",
            "id": "CVE-2020-3350",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-006926",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202006-1135",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-181475",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working. Cisco AMP for Endpoints is a set of terminal applications from Cisco, which integrates static and dynamic malware analysis and threat intelligence. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. =========================================================================\nUbuntu Security Notice USN-4435-2\nJuly 27, 2020\n\nclamav vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in ClamAV. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4435-1 fixed several vulnerabilities in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled parsing ARJ archives. A\n remote attacker could possibly use this issue to cause ClamAV to crash,\n resulting in a denial of service. \n (CVE-2020-3350)\n\n It was discovered that ClamAV incorrectly handled parsing EGG archives. A\n remote attacker could possibly use this issue to cause ClamAV to crash,\n resulting in a denial of service. (CVE-2020-3481)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n  clamav                          0.102.4+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n  clamav                          0.102.4+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n  https://usn.ubuntu.com/4435-2\n  https://usn.ubuntu.com/4435-1\n  CVE-2020-3327, CVE-2020-3350, CVE-2020-3481\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "db": "PACKETSTORM",
        "id": "158626"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-3350",
        "trust": 2.7
      },
      {
        "db": "PACKETSTORM",
        "id": "158626",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "48960",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4350",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2114",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0056",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4540",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2558",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4412",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2704",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "158454",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "158624",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-181475",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "db": "PACKETSTORM",
        "id": "158626"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "id": "VAR-202006-1143",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:44:45.403000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-famp-ZEpdXy",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-famp-zepdxy"
      },
      {
        "title": "Cisco AMP for Endpoints  and Clam AntiVirus Repair measures for the competition condition problem loophole",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=121828"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-362",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-famp-zepdxy"
      },
      {
        "trust": 1.7,
        "url": "https://security.gentoo.org/glsa/202007-23"
      },
      {
        "trust": 1.7,
        "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"
      },
      {
        "trust": 1.7,
        "url": "https://usn.ubuntu.com/4435-1/"
      },
      {
        "trust": 1.7,
        "url": "https://usn.ubuntu.com/4435-2/"
      },
      {
        "trust": 1.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3350"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3350"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/"
      },
      {
        "trust": 0.7,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2114/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/158454/clam-antivirus-toolkit-0.102.4.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/clamav-three-vulnerabilities-32863"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/158626/ubuntu-security-notice-usn-4435-2.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2558/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2704/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0056/"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/48960"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3481"
      },
      {
        "trust": 0.2,
        "url": "https://usn.ubuntu.com/4435-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3327"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.18.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.20.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/4435-2"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "db": "PACKETSTORM",
        "id": "158626"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "db": "PACKETSTORM",
        "id": "158626"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-06-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "date": "2020-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "date": "2020-07-27T18:46:40",
        "db": "PACKETSTORM",
        "id": "158624"
      },
      {
        "date": "2020-07-27T18:46:49",
        "db": "PACKETSTORM",
        "id": "158626"
      },
      {
        "date": "2020-06-18T03:15:14.027000",
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "date": "2020-06-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-03-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-181475"
      },
      {
        "date": "2020-07-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      },
      {
        "date": "2023-11-07T03:22:37.050000",
        "db": "NVD",
        "id": "CVE-2020-3350"
      },
      {
        "date": "2021-01-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco AMP for Endpoints and  Clam AntiVirus Race condition vulnerabilities in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006926"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "competition condition problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-1135"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.