Lucene search

[email protected]NVD:CVE-2011-3627

HistoryNov 17, 2011 - 7:55 p.m.

CVE-2011-3627

2011-11-1719:55:01

CWE-189

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to “recursion level” and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.

Affected configurations

NVD

Node

clamavclamavRange≤0.97.2

clamavclamavMatch0.9rc1

clamavclamavMatch0.90

clamavclamavMatch0.90rc1

clamavclamavMatch0.90rc1.1

clamavclamavMatch0.90rc2

clamavclamavMatch0.90rc3

clamavclamavMatch0.90.1

clamavclamavMatch0.90.2

clamavclamavMatch0.90.3

clamavclamavMatch0.91

clamavclamavMatch0.91rc1

clamavclamavMatch0.91rc2

clamavclamavMatch0.91.1

clamavclamavMatch0.91.2

clamavclamavMatch0.92

clamavclamavMatch0.92.1

clamavclamavMatch0.93

clamavclamavMatch0.93.1

clamavclamavMatch0.93.2

clamavclamavMatch0.93.3

clamavclamavMatch0.94

clamavclamavMatch0.94.1

clamavclamavMatch0.94.2

clamavclamavMatch0.95

clamavclamavMatch0.95rc1

clamavclamavMatch0.95rc2

clamavclamavMatch0.95src1

clamavclamavMatch0.95src2

clamavclamavMatch0.95.1

clamavclamavMatch0.95.2

clamavclamavMatch0.95.3

clamavclamavMatch0.96

clamavclamavMatch0.96rc1

clamavclamavMatch0.96rc2

clamavclamavMatch0.96.1

clamavclamavMatch0.96.2

clamavclamavMatch0.96.3

clamavclamavMatch0.96.4

clamavclamavMatch0.96.5

clamavclamavMatch0.97

clamavclamavMatch0.97rc

clamavclamavMatch0.97.1

References

git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f

lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html

lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html

lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html

secunia.com/advisories/46717

secunia.com/advisories/46826

www.openwall.com/lists/oss-security/2011/10/18/1

www.securityfocus.com/bid/50183

www.ubuntu.com/usn/USN-1258-1

bugzilla.redhat.com/show_bug.cgi?id=746984

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON

Related for NVD:CVE-2011-3627

cve1 nessus10 openvas14 altlinux3 prion1 ubuntu1 ubuntucve1 debiancve1 securityvulns1 cvelist1 fedora4 gentoo1