20 matches found
SUSE CVE-2020-3341
A vulnerability in the PDF archive parsing module in Clam AntiVirus ClamAV Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could...
Ubuntu: Security Advisory (USN-4370-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:14592-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3790-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:14592-1 Security update for clamav
This update for clamav fixes the following issues: - Update to 0.103.0 to implement jscECO-3010 and bsc1118459 - This update incorporates incompatible changes that were introduced in version 0.101.0. - Accumulated security fixes: CVE-2020-3350: Fix a vulnerability wherein a malicious user could...
SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3918-1)
This update for clamav fixes the following issues : clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...
Security update for clamav (moderate)
openSUSE Security Update: Security update for clamav Announcement ID: openSUSE-SU-2020:2276-1 Rating: moderate References: 1104457 1118459 1130721 1144504 1149458 1157763 Cross-References: CVE-2019-12625 CVE-2019-12900 CVE-2019-15961 CVE-2019-1785 CVE-2019-1786 CVE-2019-1787 CVE-2019-1788...
Fedora: Security Advisory for clamav (FEDORA-2020-d98d2cbae1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security fix for the ALT Linux 8 package clamav version 0.102.3-alt1
0.102.3-alt1 built May 28, 2020 Sergey Y. Afonin in task 245886 May 27, 2020 Sergey Y. Afonin - 0.102.3 + CVE-2020-3327 - 0.102.2 only + CVE-2020-3341 - from 0.101 to 0.102.2...
Security fix for the ALT Linux 10 package clamav version 0.102.3-alt1
May 27, 2020 Sergey Y. Afonin 0.102.3-alt1 - 0.102.3 + CVE-2020-3327 - 0.102.2 only + CVE-2020-3341 - from 0.101 to 0.102.2...
Security fix for the ALT Linux 9 package clamav version 0.102.3-alt1
0.102.3-alt1 built May 27, 2020 Sergey Y. Afonin in task 245876 May 27, 2020 Sergey Y. Afonin - 0.102.3 + CVE-2020-3327 - 0.102.2 only + CVE-2020-3341 - from 0.101 to 0.102.2...
Fedora 31 : clamav (2020-b0acd7b66e)
ClamAV 0.102.3 is a bug patch release to address the following issues. - CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that could cause a Denial-of-Service DoS condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read whi...
Updated clamav packages fix security vulnerabilities
Updated clamav packages fix security vulnerabilities: Fixed a vulnerability in the ARJ archive-parsing module in ClamAV 0.102.2 that could cause a denial-of-service condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read which causes a crash. Special thanks to...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ClamAV vulnerabilities (USN-4370-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4370-1 advisory. It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause...
Ubuntu: Security Advisory (USN-4370-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4370-1 clamav vulnerabilities
It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2020-3327 It was discovered that ClamAV incorrectly handled parsing PDF files. A remote attacker could possibly u...
Debian DLA-2215-1 : clamav security update
The following CVEs were found in src:clamav package. CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus ClamAV could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer...
[SECURITY] [DLA 2215-1] clamav security update
Package : clamav Version : 0.101.5+dfsg-0+deb8u2 CVE ID : CVE-2020-3327 CVE-2020-3341 The following CVEs were found in src:clamav package. CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus ClamAV could allow an unauthenticated, remote attacker to cause a denial of...
ClamAV 0.101 - 0.102.2 DoS Vulnerability - Linux
ClamAV is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav";...
CVE-2020-3341
CVE-2020-3341 affects ClamAV (versions 0.101–0.102.2) where the PDF archive parsing module is vulnerable to a stack buffer overflow read. An unauthenticated, remote attacker could exploit a crafted PDF file to crash the ClamAV scanning process, causing a DoS. Public advisories in connected docs c...