ClamAV < 0.100.1 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon running on the remote host is prior to 0.100.1. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid111517; scriptversion"1.6";...

MGASA-2018-0317 Updated clamav packages fix security vulnerabilities

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c. CVE-2018-0360 ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a...

ClamAV Integer Overflow Vulnerability

ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. An integer overflow vulnerability exists in the 'parsehwp3paragraph' function in the libclamav/hwp.c file in versio...

CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

CVE-2018-0361

CVE-2018-0361 affects ClamAV up to version 0.100.1; it stems from a missing PDF object length check, causing an unreasonably long parse time for relatively small PDFs. The issue is fixed in ClamAV 0.100.1 (and via vendor advisories such as openSUSE/SUSE Debian DLA), so upgrading to 0.100.1 or lat...