13 matches found
SUSE: Security Advisory (SUSE-SU-2018:0255-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : clamav (2018-958b22c73f)
ClamAV 0.99.3 ============= This release is a security release and is recommended for all ClamAV users. Please see details below : 1. ClamAV UAF use-after-free Vulnerabilities CVE-2017-12374 --------------------------------------------------------------- The ClamAV AntiVirus software versions...
Ubuntu: Security Advisory (USN-3550-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3550-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12374, CVE-2017-12375, CVE-2017-12379, CVE-2017-12380 It was discovered...
Fedora 27 : clamav (2018-cb339851e7)
ClamAV 0.99.3 ============= This release is a security release and is recommended for all ClamAV users. Please see details below : 1. ClamAV UAF use-after-free Vulnerabilities CVE-2017-12374 --------------------------------------------------------------- The ClamAV AntiVirus software versions...
Debian: Security Advisory (DLA-1261-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0255-1)
This update for clamav fixes the following issues : - Update to security release 0.99.3 bsc1077732 - CVE-2017-12376 ClamAV Buffer Overflow in handlepdfname Vulnerability - CVE-2017-12377 ClamAV Mew Packet Heap Overflow Vulnerability - CVE-2017-12379 ClamAV Buffer Overflow in messageAddArgument...
ClamAV <= 0.99.2 Multiple Vulnerabilities - Linux
ClamAV is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav"; ifdescription...
openSUSE: Security Advisory for clamav (openSUSE-SU-2018:0258-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] [DLA 1261-1] clamav security update
Package : clamav Version : 0.99.2+dfsg-0+deb7u4 CVE ID : CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 Debian Bug : 888484 824196 Multiple vulnerabilities have been discovered in clamav, the ClamAV AntiVirus toolkit for Unix. Effects rang...
CVE-2017-12377
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking...
ALPINE-CVE-2017-12377
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking...
CVE-2017-12377
ClamAV 0.99.2 and earlier are affected by CVE-2017-12377 due to improper input validation in mew packet processing, causing a heap-based over-read/DoS and potential arbitrary code execution when scanning crafted files. The vulnerability is remote and unauthenticated. Upstream advisories and secur...