41 matches found
openSUSE: Security Advisory for clamav (openSUSE-SU-2019:2597-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:2595-1 Security update for clamav
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458...
Security update for clamav (moderate)
openSUSE Security Update: Security update for clamav Announcement ID: openSUSE-SU-2019:2595-1 Rating: moderate References: 1144504 1149458 1151839 Cross-References: CVE-2019-12625 CVE-2019-12900 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is...
SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:3066-1)
This update for clamav fixes the following issues : Security issue fixed : CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458. Non-securit...
SUSE-SU-2019:3053-1 Security update for clamav
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458...
CVE-2018-0202
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format .pdf...
CVE-2018-0202
clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format .pdf...
CVE-2018-0202
CVE-2018-0202 affects ClamAV prior to 0.99.4, where the PDF parser (libclamav/pdfng.c: pdf_parse_array/pdf_parse_string) may mishandle crafted PDF files, leading to an out-of-bounds read and a denial of service. Descriptions consistently state an unauthenticated, remote attacker can trigger this ...
ClamAV Denial of Service Vulnerability (CNVD-2018-07714)
ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. clamscan is one of the command line antivirus scanners. A security vulnerability exists in clamscan in versions pri...
Arbitrary Command Execution
clamscan is vulnerable to arbitrary command execution. It does not properly handle the input parameters for command building, potentially allowing arbitrary command execution...
runAV mod_security - Arbitrary Command Execution
Exploit for linux platform in category local exploits Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...
runAV mod_security - Arbitrary Command Execution
runAV modsecurity - Arbitrary Command Execution Title : runAV modsecurity Remote Command Execution Date : 13/05/2016 Author : R-73eN Tested on : modsecurity with runAV Linux 4.2.0-30-generic 36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux Software :...
Debian DLA-95-1 : clamav security update
Two bugs were discovered in clamav and are fixed by this release. One issue is in clamscan, the command line anti-virus scanner included in the package, which could lead to crashes when scanning certain files. CVE-2013-6497 The second issue is in libclamav which caused a heap buffer overflow when...
DEBIAN-CVE-2013-6497
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service crash as demonstrated by the jwplayer.js file...
DLA-95-1 clamav - security update
Bulletin has no description...
UBUNTU-CVE-2013-6497
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service crash as demonstrated by the jwplayer.js file...
ClamAV Multiple Vulnerabilities (Windows)
This host has ClamAV installed, and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbclamavmultvulnapr09win.nasl 4865 2016-12-28 16:16:43Z teissa $ ClamAV Multiple Vulnerabilities Windows Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Debian DSA-1771-1 : clamav - several vulnerabilities
Several vulnerabilities have been discovered in the ClamAV anti-virus toolkit : - CVE-2008-6680 Attackers can cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error. - CVE-2009-1270 Attackers can cause a denial of service infinite loop via a crafted tar file...
DEBIAN-CVE-2009-1270
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service infinite loop via a crafted TAR file that causes 1 clamd and 2 clamscan to hang...
CVE-2009-1270
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service infinite loop via a crafted TAR file that causes 1 clamd and 2 clamscan to hang...