34 matches found
EUVD-2000-0276
Malware in sbrugna...
Researchers Uncover New Attempts by Qakbot Malware to Evade Detection
The operators behind the Qakbot malware are transforming their delivery vectors in an attempt to sidestep detection. "Most recently, threat actors have transformed their techniques to evade detection by using ZIP file extensions, enticing file names with common formats, and Excel XLM 4.0 to trick...
OSV-2022-337 Heap-double-free in cli_extract_xlm_macros_and_images
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46586 Crash type: Heap-double-free Crash state: cliextractxlmmacrosandimages cliole2scantempdir climagicscan...
OSV-2022-90 Heap-double-free in cli_extract_xlm_macros_and_images
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44040 Crash type: Heap-double-free Crash state: cliextractxlmmacrosandimages cliole2scantempdir cliscanole2...
Microsoft is now disabling Excel 4.0 macros by default
Back in October 2021, Microsoft announced in an email to customers that it planned to disable Excel 4.0 macros by default to protect customers from malicious documents. Last week—after three decades of macro viruses, and three decades of trying to convince every single Excel user individually to...
Microsoft is now disabling Excel 4.0 macros by default
Back in October 2021, Microsoft announced in an email sent to customers that it planned to disable Excel 4.0 macros by default to protect customers from malicious documents. Now, Microsoft says that change has happened. Good news Sometimes good news in the security world comes later than expected...
At long last, Microsoft is disabling Excel 4.0 macros by default
Sometimes good news in the security world comes unexpectedly. This is one of those times. After three decades of macro viruses, and three decades of trying to convince every single Excel user individually to disable macros, Microsoft is going disable Excel 4.0 macros for everyone. Better late tha...
ROS-2-1184
2.1184 Multiple vulnerabilities in ClamAV antivirus package CVE-2021-1252, CVE-2021-1404, CVE-2021-1405 1. Vulnerability Description: CVE-2021-1252 - looping when processing specially formatted Excel XLM files. CVE-2021-1404 - process crash when processing specially formatted PDF documents...
XLMMacroDeobfuscator - Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)
XLMMacroDeobfuscator can be used to decode obfuscated XLM macros also known as Excel 4.0 macros. It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2 and its own parser to extract cell...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ClamAV vulnerabilities (USN-4918-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4918-1 advisory. It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cau...
SUSE: Security Advisory (SUSE-SU-2021:1174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for clamav (openSUSE-SU-2021:0555-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
...
SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1189-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
Security update for clamav (important)
openSUSE Security Update: Security update for clamav Announcement ID: openSUSE-SU-2021:0555-1 Rating: important References: 1181256 1184532 1184533 1184534 Cross-References: CVE-2021-1252 CVE-2021-1404 CVE-2021-1405 CVSS scores: CVE-2021-1252 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
SUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2021:1190-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1174-1)
This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...
CVE-2021-1252
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
Race condition
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in...
CVE-2021-1252
CVE-2021-1252 is a vulnerability in ClamAV’s Excel XLM macro parsing module. Affected versions: 0.103.0 and 0.103.1. Root cause: improper error handling may trigger an infinite loop, allowing an unauthenticated, remote attacker to cause the ClamAV scanning process to hang and produce a denial of ...