Lucene search
K

74 matches found

Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.35 views

Mandriva Linux Security Advisory : clamav (MDVSA-2015:042)

Updated clamav packages fix security vulnerabilities : ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs : Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a...

7.5CVSS5.4AI score0.03234EPSS
Exploits0References2
OSV
OSV
added 2015/02/09 9:44 p.m.9 views

MGASA-2015-0056 Updated clamav packages fix security vulnerabilities

ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs: Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted mew packer file...

7.5CVSS6.1AI score0.03234EPSS
Exploits0References3
CNVD
CNVD
added 2015/02/04 12:0 a.m.9 views

ClamAV heap buffer overflow vulnerability (CNVD-2015-00910)

ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A heap-based buffer overflow vulnerability exists in versions of ClamAV prior to 0.98.6, which stems from the progr...

7.5CVSS7.1AI score0.02794EPSS
Exploits0References1
NVD
NVD
added 2015/02/03 4:59 p.m.20 views

CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

7.5CVSS6.8AI score0.02794EPSS
Exploits0References8
OSV
OSV
added 2015/02/03 4:59 p.m.6 views

CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

6.7AI score
Exploits0References8
OSV
OSV
added 2015/02/03 4:59 p.m.1 views

DEBIAN-CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

7.5CVSS7.2AI score0.02794EPSS
Exploits0References1
Prion
Prion
added 2015/02/03 4:59 p.m.21 views

Heap overflow

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

7.5CVSS7.3AI score0.02794EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2015/02/03 4:59 p.m.3 views

UBUNTU-CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

7.5CVSS5.9AI score0.02794EPSS
Exploits0References7
Cvelist
Cvelist
added 2015/02/03 4:0 p.m.24 views

CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...

6.6AI score0.02794EPSS
Exploits0References8
CVE
CVE
added 2015/02/03 4:0 p.m.91 views

CVE-2015-1461

CVE-2015-1461 (ClamAV) : Affects ClamAV prior to 0.98.6; processing a crafted file (Yoda's crypter or mew packer) can trigger a heap out-of-bounds condition. The papers do not detail exploitation specifics. Remediation per GLSA 201512-08 is to upgrade to the latest ClamAV (≥ 0.98.7).

7.5CVSS6.8AI score0.02794EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/02/02 12:0 a.m.27 views

Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)

ClamAV 0.98.6 ============= ClamAV 0.98.6 is a bug fix release correcting the following : - library shared object revisions. - installation issues on some Mac OS X and FreeBSD platforms. - includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd. - Fix a hea...

7.5CVSS5.4AI score0.03234EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/12/06 12:0 a.m.36 views

SuSE 11.3 Security Update : clamav (SAT Patch Number 10016)

clamav was updated to version 0.98.5 to fix three security issues and several non-security issues. These security issues have been fixed : - Crash when scanning maliciously crafted yoda's crypter files. CVE-2013-6497 - Heap-based buffer overflow when scanning crypted PE files. CVE-2014-9050 - Cra...

5CVSS7.2AI score0.04878EPSS
Exploits1References9
OSV
OSV
added 2014/12/01 3:59 p.m.2 views

DEBIAN-CVE-2014-9050

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

5CVSS7.1AI score0.04878EPSS
Exploits1References1
Prion
Prion
added 2014/12/01 3:59 p.m.30 views

Heap overflow

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

5CVSS7.3AI score0.04878EPSS
Exploits1References12Affected Software1
CVE
CVE
added 2014/12/01 3:0 p.m.91 views

CVE-2014-9050

CVE-2014-9050 describes a heap-based buffer overflow in ClamAV’s libclamav/pe.c:cli_scanpe triggered by crafted y0da Crypter obfuscated PE files, enabling remote DoS (crash). Security advisories indicate a fix in ClamAV 0.98.5 (and later). Affected versions are prior to the 0.98.5 maintenance rel...

5CVSS6.6AI score0.04878EPSS
Exploits1References12Affected Software1
Debian CVE
Debian CVE
added 2014/12/01 3:0 p.m.36 views

CVE-2014-9050

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

5CVSS6.5AI score0.04878EPSS
Exploits1
Cvelist
Cvelist
added 2014/12/01 3:0 p.m.47 views

CVE-2014-9050

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

6.5AI score0.04878EPSS
Exploits1References12
Mageia
Mageia
added 2014/11/26 10:14 a.m.55 views

Updated clamav packages fix security vulnerabilities

Certain javascript files causes ClamAV to segfault when scanned with the -a list archived files CVE-2013-6497. A heap buffer overflow was reported in ClamAV when scanning a specially crafted y0da Crypter obfuscated PE file CVE-2014-9050. ClamAV has been updated to version 0.98.5 to address these...

5CVSS6.9AI score0.04878EPSS
Exploits1References5
OSV
OSV
added 2014/11/24 12:0 a.m.5 views

UBUNTU-CVE-2014-9050

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

5CVSS7.1AI score0.04878EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2014/11/24 12:0 a.m.5 views

PT-2014-8810 · Cisco +2 · Clamav +2

Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.98.5 Description: The issue is related to a heap-based buffer overflow in the cli scanpe function, which can be triggered by a crafted y0da Crypter PE file, allowing remote attackers to cause a denial of service...

7.5CVSS6.6AI score0.04878EPSS
Exploits1References40
Rows per page
Query Builder