rpm package
suse/clamav&distro=SUSE OpenStack Cloud 6
pkg:rpm/suse/clamav&distro=SUSE%20OpenStack%20Cloud%206
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12380 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c | ||
| CVE-2017-12379 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va | ||
| CVE-2017-12378 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar ( | ||
| CVE-2017-12377 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va | ||
| CVE-2017-12376 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va | ||
| CVE-2017-12375 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms duri | ||
| CVE-2017-12374 | — | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jan 26, 2018 | The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms duri | ||
| CVE-2017-6420 | Med | 5.5 | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Aug 7, 2017 | The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. | |
| CVE-2017-6419 | Hig | 7.8 | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Aug 7, 2017 | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. | |
| CVE-2017-6418 | Med | 5.5 | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Aug 7, 2017 | libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. | |
| CVE-2017-11423 | Med | 5.5 | < 0.99.3-33.5.1 | 0.99.3-33.5.1 | Jul 18, 2017 | The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. |
- CVE-2017-12380Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms in mbox.c
- CVE-2017-12379Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va
- CVE-2017-12378Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (
- CVE-2017-12377Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va
- CVE-2017-12376Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input va
- CVE-2017-12375Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms duri
- CVE-2017-12374Jan 26, 2018affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms duri
- affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
- affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file.
- affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
- affected < 0.99.3-33.5.1fixed 0.99.3-33.5.1
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file.