EUVD-2009-2532

Malware in sbrugna...

SUSE CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

Design/Logic Flaw

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

ALPINE-CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

DEBIAN-CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

CVE-2018-0361

CVE-2018-0361 affects ClamAV up to version 0.100.1; it stems from a missing PDF object length check, causing an unreasonably long parse time for relatively small PDFs. The issue is fixed in ClamAV 0.100.1 (and via vendor advisories such as openSUSE/SUSE Debian DLA), so upgrading to 0.100.1 or lat...

CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

UBUNTU-CVE-2018-0361

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file...

clamav -- multiple vulnerabilities

Joel Esler reports: 3 security fixes in this release: CVE-2017-16932: Vulnerability in libxml2 dependency affects ClamAV on Windows only. CVE-2018-0360: HWP integer overflow, infinite loop vulnerability. Reported by Secunia Research at Flexera. CVE-2018-0361: ClamAV PDF object length check,...

CVE-2016-4579

Libksba before 1.3.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via unspecified vectors, related to the "returned length of the object from ksbaberparsetl."...

CVE-2016-4579

Libksba before 1.3.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via unspecified vectors, related to the "returned length of the object from ksbaberparsetl."...

mongodb: memory over-read via incorrect BSON object length

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

mongodb: memory over-read via incorrect BSON object length

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...