rpm package
suse/clamav&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-2668 | — | < 0.98.7-13.1 | 0.98.7-13.1 | May 12, 2015 | ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. | ||
| CVE-2015-2222 | — | < 0.98.7-13.1 | 0.98.7-13.1 | May 12, 2015 | ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file. | ||
| CVE-2015-2221 | — | < 0.98.7-13.1 | 0.98.7-13.1 | May 12, 2015 | ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file. | ||
| CVE-2015-2170 | — | < 0.98.7-13.1 | 0.98.7-13.1 | May 12, 2015 | The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. | ||
| CVE-2015-2305 | — | < 0.98.7-13.1 | 0.98.7-13.1 | Mar 30, 2015 | Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular express | ||
| CVE-2015-1463 | — | < 0.98.6-10.1 | 0.98.6-10.1 | Feb 3, 2015 | ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization." | ||
| CVE-2015-1462 | — | < 0.98.6-10.1 | 0.98.6-10.1 | Feb 3, 2015 | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition." | ||
| CVE-2015-1461 | — | < 0.98.6-10.1 | 0.98.6-10.1 | Feb 3, 2015 | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition." | ||
| CVE-2014-9328 | — | < 0.98.6-10.1 | 0.98.6-10.1 | Feb 3, 2015 | ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." |
- CVE-2015-2668May 12, 2015affected < 0.98.7-13.1fixed 0.98.7-13.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
- CVE-2015-2222May 12, 2015affected < 0.98.7-13.1fixed 0.98.7-13.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
- CVE-2015-2221May 12, 2015affected < 0.98.7-13.1fixed 0.98.7-13.1
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
- CVE-2015-2170May 12, 2015affected < 0.98.7-13.1fixed 0.98.7-13.1
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
- CVE-2015-2305Mar 30, 2015affected < 0.98.7-13.1fixed 0.98.7-13.1
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular express
- CVE-2015-1463Feb 3, 2015affected < 0.98.6-10.1fixed 0.98.6-10.1
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
- CVE-2015-1462Feb 3, 2015affected < 0.98.6-10.1fixed 0.98.6-10.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
- CVE-2015-1461Feb 3, 2015affected < 0.98.6-10.1fixed 0.98.6-10.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
- CVE-2014-9328Feb 3, 2015affected < 0.98.6-10.1fixed 0.98.6-10.1
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."