Advisory ROSA-SA-2021-1813

Software: clamav 0.102.4
OS: Cobalt 7.9

CVE-ID: CVE-2021-1386
CVE-Crit: HIGH
CVE-DESC: A vulnerability in the Dynamic Link Library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Windows Connector endpoints, ClamAV for Windows, and Immunet could allow an authenticated local attacker to execute a DLL hijacking attack on the affected Windows system. affected computer. To exploit this vulnerability, an attacker would need valid credentials on the system. The vulnerability occurs due to insufficient verification of directory search paths at runtime. An attacker can exploit this vulnerability by placing a malicious DLL file on a vulnerable system. A successful exploit could allow an attacker to execute arbitrary code with SYSTEM privileges.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2021-1405
CVE-Crit: HIGH
CVE-DESC: A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) software version 0.103.1 and all previous versions could allow an unauthenticated remote attacker to cause a denial of service condition on a vulnerable device. The vulnerability occurs due to improper initialization of a variable that could result in a NULL pointer being read. An attacker could exploit this vulnerability by sending a crafted email to a vulnerable device. The exploit could allow an attacker to cause the ClamAV scanning process to fail, resulting in a denial of service.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2021-27506
CVE-Crit: MEDIUM
CVE-DESC: The ClamAV Engine component (version 0.103.1 and below) built into Storsmshield Network Security (SNS) is prone to DoS when parsing corrupted png files. This affects Netasq versions 9.1.0 through 9.1.11 and SNS versions 1.0.0 through 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7, and 4.2.1.
CVE-STATUS: Default
CVE-REV: Default