16 matches found
ROS-2-1184
2.1184 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...
The vulnerability of the Macro Analysis module in the ClamAV antivirus software package allows a hacker to trigger a service failure.
The vulnerability of the Excel XLM module in the ClamAV antivirus software package exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ClamAV vulnerabilities (USN-4918-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4918-1 advisory. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cau...
SUSE: Security Advisory (SUSE-SU-2021:1174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for clamav (openSUSE-SU-2021:0555-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
...
SUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2021:1190-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
Security update for clamav (important)
openSUSE Security Update: Security update for clamav Announcement ID: openSUSE-SU-2021:0555-1 Rating: important References: 1181256 1184532 1184533 1184534 Cross-References: CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 CVSS scores: CVE-2021-1252 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1189-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1174-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
CVE-2021-1252
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
Race condition
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
CVE-2021-1252
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
clamav -- Multiple vulnerabilites
Micah Snyder reports: CVE-2021-1252 Excel XLM parser infinite loop CVE-2021-1404 PDF parser buffer over-read; possible crash. CVE-2021-1405 Mail parser NULL-dereference crash...