rpm package
opensuse/clamav&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/clamav&distro=openSUSE%20Leap%2015.0
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-1789 | — | < 0.100.3-lp150.2.10.1 | 0.100.3-lp150.2.10.1 | Nov 5, 2019 | ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. | ||
| CVE-2019-12625 | — | < 0.100.3-lp150.2.13.1 | 0.100.3-lp150.2.13.1 | Nov 5, 2019 | ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. | ||
| CVE-2019-12900 | — | < 0.100.3-lp150.2.13.1 | 0.100.3-lp150.2.13.1 | Jun 19, 2019 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | ||
| CVE-2019-1788 | — | < 0.100.3-lp150.2.10.1 | 0.100.3-lp150.2.10.1 | Apr 8, 2019 | A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is d | ||
| CVE-2019-1787 | — | < 0.100.3-lp150.2.10.1 | 0.100.3-lp150.2.10.1 | Apr 8, 2019 | A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due |
- CVE-2019-1789Nov 5, 2019affected < 0.100.3-lp150.2.10.1fixed 0.100.3-lp150.2.10.1
ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
- CVE-2019-12625Nov 5, 2019affected < 0.100.3-lp150.2.13.1fixed 0.100.3-lp150.2.13.1
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
- CVE-2019-12900Jun 19, 2019affected < 0.100.3-lp150.2.13.1fixed 0.100.3-lp150.2.13.1
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
- CVE-2019-1788Apr 8, 2019affected < 0.100.3-lp150.2.10.1fixed 0.100.3-lp150.2.10.1
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is d
- CVE-2019-1787Apr 8, 2019affected < 0.100.3-lp150.2.10.1fixed 0.100.3-lp150.2.10.1
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due