OPENSUSE-SU-2024:10571-1 clamav-0.99.2-4.1 on GA media

These are all security issues fixed in the clamav-0.99.2-4.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2007-6120

The Bluetooth SDP dissector Wireshark formerly Ethereal 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

SUSE CVE-2008-3137

The GSM SMS dissector in Wireshark formerly Ethereal 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service application crash via unknown vectors...

SUSE CVE-2008-4477

alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file...

SUSE CVE-2016-1371

ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted mew packer executable...

SUSE CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

SUSE CVE-2017-12374

The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail...

SUSE CVE-2017-12378

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar Tape Archive files...

CVE-2017-12378

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar Tape Archive files...

ALPINE-CVE-2017-12374

The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail...

Heap overflow

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking...

CVE-2017-12378

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar Tape Archive files...

Security fix for the ALT Linux 9 package clamav version 0.99.2-alt3

Sept. 25, 2017 Anton V. Boyarshinov 0.99.2-alt3 - Fixes: + CVE-2017-6418 remote attackers can cause a denial of service out-of-bounds read via a crafted e-mail message + CVE-2017-6420 remote attackers can cause a denial of service use-after-free via a crafted PE file with WWPack compression...

ClamAV <= 0.99.2 Multiple DoS Vulnerabilities - Linux

ClamAV is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...

ClamAV <= 0.99.2 Multiple DoS Vulnerabilities - Windows

ClamAV is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"...

CVE-2017-6418

libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted e-mail message...

DEBIAN-CVE-2017-6420

The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service use-after-free via a crafted PE file with WWPack compression...

DEBIAN-CVE-2017-6418

libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted e-mail message...

CVE-2017-6418

libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted e-mail message...

CVE-2017-6418

libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted e-mail message...