14 matches found
Mageia: Security Advisory (MGASA-2018-0117)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0255-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : clamav (2018-958b22c73f)
ClamAV 0.99.3 ============= This release is a security release and is recommended for all ClamAV users. Please see details below : 1. ClamAV UAF use-after-free Vulnerabilities CVE-2017-12374 --------------------------------------------------------------- The ClamAV AntiVirus software versions...
Ubuntu 14.04 LTS / 16.04 LTS : ClamAV vulnerabilities (USN-3550-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3550-1 advisory. It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to...
Ubuntu: Security Advisory (USN-3550-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3550-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12374, CVE-2017-12375, CVE-2017-12379, CVE-2017-12380 It was discovered...
Debian: Security Advisory (DLA-1261-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : clamav (2018-cb339851e7)
ClamAV 0.99.3 ============= This release is a security release and is recommended for all ClamAV users. Please see details below : 1. ClamAV UAF use-after-free Vulnerabilities CVE-2017-12374 --------------------------------------------------------------- The ClamAV AntiVirus software versions...
ClamAV <= 0.99.2 Multiple Vulnerabilities - Linux
ClamAV is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"; ifdescription...
SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0255-1)
This update for clamav fixes the following issues : - Update to security release 0.99.3 bsc1077732 - CVE-2017-12376 ClamAV Buffer Overflow in handlepdfname Vulnerability - CVE-2017-12377 ClamAV Mew Packet Heap Overflow Vulnerability - CVE-2017-12379 ClamAV Buffer Overflow in messageAddArgument...
openSUSE: Security Advisory for clamav (openSUSE-SU-2018:0258-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] [DLA 1261-1] clamav security update
Package : clamav Version : 0.99.2+dfsg-0+deb7u4 CVE ID : CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 Debian Bug : 888484 824196 Multiple vulnerabilities have been discovered in clamav, the ClamAV AntiVirus toolkit for Unix. Effects rang...
CVE-2017-12374
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail...
CVE-2017-12374
CVE-2017-12374 affects ClamAV before 0.99.3, with a vulnerability in mail parsing (mbox.c) that can cause a use-after-free and DoS when processing crafted emails. The issue stems from insufficient input validation during certain mail parsing operations, allowing an unauthenticated, remote attacke...