Lucene search

K
freebsdFreeBSDD1E9D8C5-839B-11E8-9610-9C5C8E75236A
HistoryJul 09, 2018 - 12:00 a.m.

clamav -- multiple vulnerabilities

2018-07-0900:00:00
vuxml.freebsd.org
22

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.2%

Joel Esler reports:

3 security fixes in this release:

CVE-2017-16932: Vulnerability in libxml2 dependency (affects ClamAV on Windows only).
CVE-2018-0360: HWP integer overflow, infinite loop vulnerability. Reported by Secunia Research at Flexera.
CVE-2018-0361: ClamAV PDF object length check, unreasonably long time to parse relatively small file. Report
ed by aCaB.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchclamav< 0.100.1UNKNOWN

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.2%

Related for D1E9D8C5-839B-11E8-9610-9C5C8E75236A