74 matches found
Mandriva Linux Security Advisory : clamav (MDVSA-2015:042)
Updated clamav packages fix security vulnerabilities : ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs : Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a...
MGASA-2015-0056 Updated clamav packages fix security vulnerabilities
ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs: Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted mew packer file...
ClamAV heap buffer overflow vulnerability (CNVD-2015-00910)
ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A heap-based buffer overflow vulnerability exists in versions of ClamAV prior to 0.98.6, which stems from the progr...
CVE-2015-1461
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
CVE-2015-1461
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
DEBIAN-CVE-2015-1461
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
Heap overflow
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
UBUNTU-CVE-2015-1461
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
CVE-2015-1461
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted 1 Yoda's crypter or 2 mew packer file, related to a "heap out of bounds condition."...
CVE-2015-1461
CVE-2015-1461 (ClamAV) : Affects ClamAV prior to 0.98.6; processing a crafted file (Yoda's crypter or mew packer) can trigger a heap out-of-bounds condition. The papers do not detail exploitation specifics. Remediation per GLSA 201512-08 is to upgrade to the latest ClamAV (≥ 0.98.7).
Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)
ClamAV 0.98.6 ============= ClamAV 0.98.6 is a bug fix release correcting the following : - library shared object revisions. - installation issues on some Mac OS X and FreeBSD platforms. - includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd. - Fix a hea...
SuSE 11.3 Security Update : clamav (SAT Patch Number 10016)
clamav was updated to version 0.98.5 to fix three security issues and several non-security issues. These security issues have been fixed : - Crash when scanning maliciously crafted yoda's crypter files. CVE-2013-6497 - Heap-based buffer overflow when scanning crypted PE files. CVE-2014-9050 - Cra...
DEBIAN-CVE-2014-9050
Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...
Heap overflow
Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...
CVE-2014-9050
CVE-2014-9050 describes a heap-based buffer overflow in ClamAV’s libclamav/pe.c:cli_scanpe triggered by crafted y0da Crypter obfuscated PE files, enabling remote DoS (crash). Security advisories indicate a fix in ClamAV 0.98.5 (and later). Affected versions are prior to the 0.98.5 maintenance rel...
CVE-2014-9050
Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...
CVE-2014-9050
Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...
Updated clamav packages fix security vulnerabilities
Certain javascript files causes ClamAV to segfault when scanned with the -a list archived files CVE-2013-6497. A heap buffer overflow was reported in ClamAV when scanning a specially crafted y0da Crypter obfuscated PE file CVE-2014-9050. ClamAV has been updated to version 0.98.5 to address these...
UBUNTU-CVE-2014-9050
Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...
PT-2014-8810 · Cisco +2 · Clamav +2
Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.98.5 Description: The issue is related to a heap-based buffer overflow in the cli scanpe function, which can be triggered by a crafted y0da Crypter PE file, allowing remote attackers to cause a denial of service...