All the vulnerabilites related to Cisco - ClamAV
cve-2021-1404
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:17.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1404", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:02:31.585183Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:25:27.140Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.103.0" }, { "status": "affected", "version": "0.103.1" } ] } ], "datePublic": "2021-04-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-13T13:00:26", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ], "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" }, "title": "Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-04-08T12:08:00.000Z", "ID": "CVE-2021-1404", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.103.0" }, { "version_affected": "=", "version_value": "0.103.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "refsource": "CISCO", "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ] }, "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1404", "datePublished": "2021-04-08T04:30:18.361779Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:25:27.140Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1386
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO | vendor-advisory, x_refsource_CISCO |
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco AMP for Endpoints |
Version: n/a |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:16.881Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210407 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1386", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:19:04.019920Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:29:10.976Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco AMP for Endpoints", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-04-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-08T04:05:46", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210407 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO" } ], "source": { "advisory": "cisco-sa-amp-imm-dll-tu79hvkO", "defect": [ [ "CSCvw77090" ] ], "discovery": "INTERNAL" }, "title": "Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-04-07T16:00:00", "ID": "CVE-2021-1386", "STATE": "PUBLIC", "TITLE": "Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco AMP for Endpoints", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "7.0", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-427" } ] } ] }, "references": { "reference_data": [ { "name": "20210407 Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp-imm-dll-tu79hvkO" } ] }, "source": { "advisory": "cisco-sa-amp-imm-dll-tu79hvkO", "defect": [ [ "CSCvw77090" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1386", "datePublished": "2021-04-08T04:05:46.484636Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:29:10.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1405
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO | |
https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html | mailing-list, x_refsource_MLIST | |
https://security.gentoo.org/glsa/202104-07 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:16.920Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" }, { "name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html" }, { "name": "GLSA-202104-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202104-07" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1405", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:02:34.550630Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:25:38.707Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThanOrEqual": "0.103.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-04-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-01T01:06:30", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" }, { "name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html" }, { "name": "GLSA-202104-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202104-07" } ], "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" }, "title": "Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-04-08T12:08:00.000Z", "ID": "CVE-2021-1405", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "0.103.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-120 Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "refsource": "CISCO", "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" }, { "name": "[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html" }, { "name": "GLSA-202104-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202104-07" } ] }, "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1405", "datePublished": "2021-04-08T04:30:14.596976Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:25:38.707Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-12625
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:24:39.183Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html" }, { "name": "openSUSE-SU-2019:2595", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html" }, { "name": "openSUSE-SU-2019:2597", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-12625", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:22:32.861218Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T18:52:35.512Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.101.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-01T06:06:11", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html" }, { "name": "openSUSE-SU-2019:2595", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html" }, { "name": "openSUSE-SU-2019:2597", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html" } ], "source": { "advisory": "clamav-01014", "discovery": "USER" }, "title": "ClamAV Zip Bomb Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-12625", "STATE": "PUBLIC", "TITLE": "ClamAV Zip Bomb Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.101.3" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400 Uncontrolled Resource Consumption" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html", "refsource": "MISC", "url": "https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html" }, { "name": "openSUSE-SU-2019:2595", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html" }, { "name": "openSUSE-SU-2019:2597", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html" } ] }, "source": { "advisory": "clamav-01014", "discovery": "USER" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-12625", "datePublished": "2019-11-05T18:15:36", "dateReserved": "2019-06-04T00:00:00", "dateUpdated": "2024-11-19T18:52:35.512Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20803
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html | vendor-advisory | |
https://security.gentoo.org/glsa/202310-01 | vendor-advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:24:49.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html" }, { "name": "GLSA-202310-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-20803", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-28T16:24:43.851210Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-28T16:34:09.139Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.104.0" } ] } ], "datePublic": "2022-05-04T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the OLE2 file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.The vulnerability is due to incorrect use of the realloc function that may result in a double-free. An attacker could exploit this vulnerability by submitting a crafted OLE2 file to be scanned by ClamAV on the affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "CWE-415 Double Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-01T10:06:23.618804", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html" }, { "name": "GLSA-202310-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-01" } ], "source": { "advisory": "clamav-01050-01043-01036", "discovery": "UNKNOWN" }, "title": "ClamAV Double-free Vulnerability in the OLE2 File Parser", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20803", "datePublished": "2023-02-17T00:00:00", "dateReserved": "2021-11-02T00:00:00", "dateUpdated": "2024-10-28T16:34:09.139Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1786
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149 | x_refsource_MISC | |
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.813Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1786", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:24:57.486138Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:12:41.510Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.101.1" }, { "status": "affected", "version": "0.101.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-11T02:06:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "source": { "defect": [ "12149" ], "discovery": "EXTERNAL" }, "title": "Clam AntiVirus PDF Out-of-Bounds Read Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1786", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus PDF Out-of-Bounds Read Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.101.1" }, { "version_affected": "=", "version_value": "0.101.0" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" } ] }, "source": { "defect": [ "12149" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1786", "datePublished": "2019-04-08T19:05:14", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:12:41.510Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3327
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:30:58.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4370-2/" }, { "name": "GLSA-202007-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3327", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T16:21:23.316854Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T17:22:05.241Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ parsing vulnerability." } ], "datePublic": "2020-05-12T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-06T07:06:04", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4370-2/" }, { "name": "GLSA-202007-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ], "source": { "advisory": "clamav-01023-security-patch", "defect": [ "clamav-01023-security-patch" ], "discovery": "EXTERNAL" }, "title": "ClamAV ARJ Archive Parsing Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-05-12T16:00:00.000Z", "ID": "CVE-2020-3327", "STATE": "PUBLIC", "TITLE": "ClamAV ARJ Archive Parsing Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.102.3" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "credit": [ { "lang": "eng", "value": "Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ parsing vulnerability." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html", "refsource": "CISCO", "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4370-2/" }, { "name": "GLSA-202007-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ] }, "source": { "advisory": "clamav-01023-security-patch", "defect": [ "clamav-01023-security-patch" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3327", "datePublished": "2020-05-13T02:20:13.063319Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-15T17:22:05.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20506
Vulnerability from cvelistv5
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | ClamAV |
Version: 1.4.0 Version: 1.3.2 Version: 1.0.6 Version: 1.0.5 Version: 1.0.4 Version: 1.0.3 Version: 1.0.2 Version: 1.0.1 Version: 1.0.0 Version: 1.2.x Version: 0.105.x Version: 0.104.x Version: 0.103.11 Version: 0.103.10 Version: 0.103.9 Version: 0.103.8 Version: 0.103.7 Version: 0.103.6 Version: 0.103.5 Version: 0.103.4 Version: 0.103.3 Version: 0.103.2 Version: 0.103.1 Version: 0.103.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20506", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-05T13:34:43.487532Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-05T13:34:52.623Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "1.4.0" }, { "status": "affected", "version": "1.3.2" }, { "status": "affected", "version": "1.0.6" }, { "status": "affected", "version": "1.0.5" }, { "status": "affected", "version": "1.0.4" }, { "status": "affected", "version": "1.0.3" }, { "status": "affected", "version": "1.0.2" }, { "status": "affected", "version": "1.0.1" }, { "status": "affected", "version": "1.0.0" }, { "status": "affected", "version": "1.2.x" }, { "status": "affected", "version": "0.105.x" }, { "status": "affected", "version": "0.104.x" }, { "status": "affected", "version": "0.103.11" }, { "status": "affected", "version": "0.103.10" }, { "status": "affected", "version": "0.103.9" }, { "status": "affected", "version": "0.103.8" }, { "status": "affected", "version": "0.103.7" }, { "status": "affected", "version": "0.103.6" }, { "status": "affected", "version": "0.103.5" }, { "status": "affected", "version": "0.103.4" }, { "status": "affected", "version": "0.103.3" }, { "status": "affected", "version": "0.103.2" }, { "status": "affected", "version": "0.103.1" }, { "status": "affected", "version": "0.103.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files.\r\n\r\nThe vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "providerMetadata": { "dateUpdated": "2024-09-04T21:28:54.812Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html" } ], "source": { "defects": [ "CSCwk31741" ], "discovery": "EXTERNAL" }, "title": "ClamAV Privilege Handling Escalation Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20506", "datePublished": "2024-09-04T21:28:54.812Z", "dateReserved": "2023-11-08T15:08:07.688Z", "dateUpdated": "2024-09-05T13:34:52.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1798
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://bugzilla.clamav.net/show_bug.cgi?id=12262 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.809Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1798", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:24:52.988363Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:12:05.892Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThanOrEqual": "0.101.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-11T02:06:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "source": { "defect": [ "12262" ], "discovery": "EXTERNAL" }, "title": "Clam AntiVirus PE File Out-of-Bounds Read Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.6" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1798", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus PE File Out-of-Bounds Read Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "0.101.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected device. An attacker could exploit this vulnerability by sending malformed PE files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "generator": { "engine": "Vulnogram 0.0.6" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12262", "refsource": "MISC", "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12262" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" } ] }, "source": { "defect": [ "12262" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1798", "datePublished": "2019-04-08T19:30:17", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:12:05.892Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20698
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html | vendor-advisory | |
https://security.gentoo.org/glsa/202310-01 | vendor-advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:24:48.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html" }, { "name": "GLSA-202310-01", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202310-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-20698", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T16:01:57.833636Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T16:32:32.016Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.103.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.104.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2022-01-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-01T10:06:17.357612", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html" }, { "name": "GLSA-202310-01", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202310-01" } ], "source": { "advisory": "clamav-01035-and-01042-security-patch", "discovery": "EXTERNAL" }, "title": "Clam AntiVirus (ClamAV) Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20698", "datePublished": "2022-01-14T05:15:11.361911Z", "dateReserved": "2021-11-02T00:00:00", "dateUpdated": "2024-11-06T16:32:32.016Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1788
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.824Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1788", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:24:54.567973Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:12:14.790Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThanOrEqual": "0.101.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Object Linking \u0026 Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-22T13:06:07", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ], "source": { "defect": [ "12166" ], "discovery": "EXTERNAL" }, "title": "ClamAV OLE2 File Out-Of-Bounds Write Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1788", "STATE": "PUBLIC", "TITLE": "ClamAV OLE2 File Out-Of-Bounds Write Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "0.101.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Object Linking \u0026 Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ] }, "source": { "defect": [ "12166" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1788", "datePublished": "2019-04-08T19:15:18", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:12:14.790Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3123
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062 | vendor-advisory, x_refsource_CISCO | |
https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html | x_refsource_CONFIRM | |
https://usn.ubuntu.com/4280-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://usn.ubuntu.com/4280-2/ | vendor-advisory, x_refsource_UBUNTU | |
https://security.gentoo.org/glsa/202003-46 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:24:00.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html" }, { "name": "USN-4280-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4280-1/" }, { "name": "USN-4280-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4280-2/" }, { "name": "GLSA-202003-46", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-46" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3123", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T16:22:29.569316Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T17:43:05.687Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.102.1" } ] } ], "datePublic": "2020-02-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-19T22:06:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html" }, { "name": "USN-4280-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4280-1/" }, { "name": "USN-4280-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4280-2/" }, { "name": "GLSA-202003-46", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-46" } ], "source": { "advisory": "CSCvs59062", "defect": [ "CSCvs59062" ], "discovery": "INTERNAL" }, "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-02-05T16:10:00.000Z", "ID": "CVE-2020-3123", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.102.1" }, { "version_affected": "=", "version_value": "0.102.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062", "refsource": "CISCO", "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062" }, { "name": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html", "refsource": "CONFIRM", "url": "https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html" }, { "name": "USN-4280-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4280-1/" }, { "name": "USN-4280-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4280-2/" }, { "name": "GLSA-202003-46", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-46" } ] }, "source": { "advisory": "CSCvs59062", "defect": [ "CSCvs59062" ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3123", "datePublished": "2020-02-05T17:30:20.755023Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-15T17:43:05.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20380
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:clam_antivirus:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "clam_antivirus", "vendor": "cisco", "versions": [ { "status": "affected", "version": "1.3" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20380", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-20T03:18:49.587479Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:39:59.638Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:41.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": " 1.3" } ] } ], "datePublic": "2024-04-18T18:00:00.000Z", "descriptions": [ { "lang": "en", "value": "A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThe vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-475", "description": "CWE-475: Undefined Behavior for Input to API", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-18T19:19:21.423Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "ClamAV HTML Parser Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20380", "datePublished": "2024-04-18T19:19:21.423Z", "dateReserved": "2023-11-08T15:08:07.656Z", "dateUpdated": "2024-08-01T21:59:41.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20328
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:clamav:1.2.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "clamav", "vendor": "cisco", "versions": [ { "status": "affected", "version": "1.2.0" } ] }, { "cpes": [ "cpe:2.3:a:cisco:clamav:1.2.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "clamav", "vendor": "cisco", "versions": [ { "status": "affected", "version": "1.2.1" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20328", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-05T15:40:24.549668Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T20:45:50.903Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:41.779Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.clamav.net/2023/11/clamav-130-122-105-released.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "1.2.0" }, { "status": "affected", "version": "1.2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file name containing command-line sequences. When processed on a system using configuration options for the VirusEvent feature, the attacker could cause the application to execute arbitrary commands.\nClamAV has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-01T20:48:15.328Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "url": "https://blog.clamav.net/2023/11/clamav-130-122-105-released.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "ClamAV VirusEvent File Processing Command Injection Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20328", "datePublished": "2024-03-01T20:48:15.328Z", "dateReserved": "2023-11-08T15:08:07.641Z", "dateUpdated": "2024-08-01T21:59:41.779Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1787
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1787", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:24:55.955639Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:12:23.014Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.101.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-22T13:06:07", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ], "source": { "defect": [ "12181" ], "discovery": "EXTERNAL" }, "title": "Clam AntiVirus PDF Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1787", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus PDF Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.101.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" }, { "name": "openSUSE-SU-2019:1208", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html" }, { "name": "openSUSE-SU-2019:1210", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html" }, { "name": "[debian-lts-announce] 20190422 [SECURITY] [DLA 1759-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html" } ] }, "source": { "defect": [ "12181" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1787", "datePublished": "2019-04-08T19:10:16", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:12:23.014Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1785
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://bugzilla.clamav.net/show_bug.cgi?id=12284 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1785", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:21:23.436070Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:12:31.535Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.101.1" }, { "status": "affected", "version": "0.101.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-11T02:06:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "source": { "defect": [ "12284" ], "discovery": "EXTERNAL" }, "title": "Clam AntiVirus RAR Directory Traversal Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1785", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus RAR Directory Traversal Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.101.1" }, { "version_affected": "=", "version_value": "0.101.0" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12284", "refsource": "MISC", "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12284" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" } ] }, "source": { "defect": [ "12284" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1785", "datePublished": "2019-04-08T19:05:21", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:12:31.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2018-15378
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html | mailing-list, x_refsource_MLIST | |
https://bugzilla.clamav.net/show_bug.cgi?id=12170 | x_refsource_CONFIRM | |
https://secuniaresearch.flexerasoftware.com/advisories/83000/ | third-party-advisory, x_refsource_SECUNIA | |
https://usn.ubuntu.com/3789-2/ | vendor-advisory, x_refsource_UBUNTU | |
https://usn.ubuntu.com/3789-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/201904-12 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:54:02.590Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170" }, { "name": "83000", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/" }, { "name": "USN-3789-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3789-2/" }, { "name": "USN-3789-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3789-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2018-15378", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-25T18:47:40.459253Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-26T14:26:00.813Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.100.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2018-10-03T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the \"unmew11()\" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-04-11T02:06:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170" }, { "name": "83000", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/" }, { "name": "USN-3789-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3789-2/" }, { "name": "USN-3789-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3789-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html" }, { "name": "GLSA-201904-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-12" } ], "source": { "advisory": "Bug 12170 - ClamAV Invalid read memory access in MEW unpacker", "defect": [ [ "12170" ] ], "discovery": "UNKNOWN" }, "title": "Clam AntiVirus unmew11() Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2018-10-03T21:00:00-0500", "ID": "CVE-2018-15378", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus unmew11() Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_value": "0.100.2" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the \"unmew11()\" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file." } ] }, "impact": { "cvss": { "baseScore": "5.3", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125" } ] } ] }, "references": { "reference_data": [ { "name": "[debian-lts-announce] 20181024 [SECURITY] [DLA 1553-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html" }, { "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12170", "refsource": "CONFIRM", "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12170" }, { "name": "83000", "refsource": "SECUNIA", "url": "https://secuniaresearch.flexerasoftware.com/advisories/83000/" }, { "name": "USN-3789-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3789-2/" }, { "name": "USN-3789-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3789-1/" }, { "name": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html", "refsource": "MISC", "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html" }, { "name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12" } ] }, "source": { "advisory": "Bug 12170 - ClamAV Invalid read memory access in MEW unpacker", "defect": [ [ "12170" ] ], "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-15378", "datePublished": "2018-10-15T17:00:00Z", "dateReserved": "2018-08-17T00:00:00", "dateUpdated": "2024-11-26T14:26:00.813Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3341
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html | vendor-advisory, x_refsource_CISCO | |
https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html | mailing-list, x_refsource_MLIST | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/ | vendor-advisory, x_refsource_FEDORA | |
https://usn.ubuntu.com/4370-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://usn.ubuntu.com/4370-2/ | vendor-advisory, x_refsource_UBUNTU |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:30:57.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4370-2/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3341", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T16:21:21.604006Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T17:21:52.637Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.102.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "OSS-Fuzz discovered this vulnerability." } ], "datePublic": "2020-05-12T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-29T00:06:11", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4370-2/" } ], "source": { "advisory": "clamav-01023-security-patch", "defect": [ "clamav-01023-security-patch" ], "discovery": "EXTERNAL" }, "title": "ClamAV PDF Parsing Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-05-12T16:00:00.000Z", "ID": "CVE-2020-3341", "STATE": "PUBLIC", "TITLE": "ClamAV PDF Parsing Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.102.3" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "credit": [ { "lang": "eng", "value": "OSS-Fuzz discovered this vulnerability." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html", "refsource": "CISCO", "url": "https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html" }, { "name": "[debian-lts-announce] 20200519 [SECURITY] [DLA 2215-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html" }, { "name": "FEDORA-2020-bca44487a1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/" }, { "name": "FEDORA-2020-d98d2cbae1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/" }, { "name": "FEDORA-2020-b0acd7b66e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/" }, { "name": "USN-4370-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4370-1/" }, { "name": "USN-4370-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4370-2/" } ] }, "source": { "advisory": "clamav-01023-security-patch", "defect": [ "clamav-01023-security-patch" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3341", "datePublished": "2020-05-13T02:20:13.497191Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-15T17:21:52.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20505
Vulnerability from cvelistv5
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | ClamAV |
Version: 1.4.0 Version: 1.3.2 Version: 1.0.6 Version: 1.0.5 Version: 1.0.4 Version: 1.0.3 Version: 1.0.2 Version: 1.0.1 Version: 1.0.0 Version: 1.2.x Version: 0.105.x Version: 0.104.x Version: 0.103.11 Version: 0.103.10 Version: 0.103.9 Version: 0.103.8 Version: 0.103.7 Version: 0.103.6 Version: 0.103.5 Version: 0.103.4 Version: 0.103.3 Version: 0.103.2 Version: 0.103.1 Version: 0.103.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20505", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-05T13:35:13.258736Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-05T13:35:22.415Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "1.4.0" }, { "status": "affected", "version": "1.3.2" }, { "status": "affected", "version": "1.0.6" }, { "status": "affected", "version": "1.0.5" }, { "status": "affected", "version": "1.0.4" }, { "status": "affected", "version": "1.0.3" }, { "status": "affected", "version": "1.0.2" }, { "status": "affected", "version": "1.0.1" }, { "status": "affected", "version": "1.0.0" }, { "status": "affected", "version": "1.2.x" }, { "status": "affected", "version": "0.105.x" }, { "status": "affected", "version": "0.104.x" }, { "status": "affected", "version": "0.103.11" }, { "status": "affected", "version": "0.103.10" }, { "status": "affected", "version": "0.103.9" }, { "status": "affected", "version": "0.103.8" }, { "status": "affected", "version": "0.103.7" }, { "status": "affected", "version": "0.103.6" }, { "status": "affected", "version": "0.103.5" }, { "status": "affected", "version": "0.103.4" }, { "status": "affected", "version": "0.103.3" }, { "status": "affected", "version": "0.103.2" }, { "status": "affected", "version": "0.103.1" }, { "status": "affected", "version": "0.103.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "providerMetadata": { "dateUpdated": "2024-09-04T21:23:55.715Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html" } ], "source": { "defects": [ "CSCwk44457" ], "discovery": "INTERNAL" }, "title": "ClamAV Memory Handling DoS" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20505", "datePublished": "2024-09-04T21:23:55.715Z", "dateReserved": "2023-11-08T15:08:07.688Z", "dateUpdated": "2024-09-05T13:35:22.415Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3481
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html | vendor-advisory, x_refsource_CISCO | |
https://security.gentoo.org/glsa/202007-23 | vendor-advisory, x_refsource_GENTOO | |
https://usn.ubuntu.com/4435-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/ | vendor-advisory, x_refsource_FEDORA | |
https://usn.ubuntu.com/4435-2/ | vendor-advisory, x_refsource_UBUNTU | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:37:54.379Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ClamAV 0.102.4 security patch released", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html" }, { "name": "GLSA-202007-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3481", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T17:13:21.201870Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T18:18:48.870Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.102.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2020-07-20T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-06T07:06:03", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "ClamAV 0.102.4 security patch released", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html" }, { "name": "GLSA-202007-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ], "solutions": [ { "lang": "en", "value": "Upgrade to ClamAV version 0.102.4" } ], "source": { "advisory": "clamav-01024-security-patch", "discovery": "EXTERNAL" }, "title": "Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-07-20T17:36:00.000Z", "ID": "CVE-2020-3481", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.102.4" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-476 NULL Pointer Dereference" } ] } ] }, "references": { "reference_data": [ { "name": "ClamAV 0.102.4 security patch released", "refsource": "CISCO", "url": "https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html" }, { "name": "GLSA-202007-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-23" }, { "name": "USN-4435-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4435-1/" }, { "name": "FEDORA-2020-dd0c20d985", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" }, { "name": "USN-4435-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4435-2/" }, { "name": "FEDORA-2020-6584a641ae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/" }, { "name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2314-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html" } ] }, "solution": [ { "lang": "en", "value": "Upgrade to ClamAV version 0.102.4" } ], "source": { "advisory": "clamav-01024-security-patch", "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3481", "datePublished": "2020-07-20T17:45:13.687377Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T18:18:48.870Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1789
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.830Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1789", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:22:31.716817Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T18:52:26.860Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "lessThan": "0.100.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-05T18:25:34", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html" } ], "source": { "advisory": "clamav-01012", "discovery": "USER" }, "title": "ClamAV Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2019-1789", "STATE": "PUBLIC", "TITLE": "ClamAV Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.100.3" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html", "refsource": "MISC", "url": "https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html" } ] }, "source": { "advisory": "clamav-01012", "discovery": "USER" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1789", "datePublished": "2019-11-05T18:25:34", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T18:52:26.860Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1252
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | vendor-advisory, x_refsource_CISCO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:02:56.276Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1252", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:02:36.719227Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:25:50.669Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ClamAV", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "0.103.0" }, { "status": "affected", "version": "0.103.1" } ] } ], "datePublic": "2021-04-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-08T04:25:10", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ], "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" }, "title": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-04-08T12:08:00.000Z", "ID": "CVE-2021-1252", "STATE": "PUBLIC", "TITLE": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ClamAV", "version": { "version_data": [ { "version_affected": "=", "version_value": "0.103.0" }, { "version_affected": "=", "version_value": "0.103.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "refsource": "CISCO", "url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html" } ] }, "source": { "advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1252", "datePublished": "2021-04-08T04:25:10.891603Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:25:50.669Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202104-0465
Vulnerability from variot
A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. ClamAV (Clam AntiVirus) is a set of free and open source antivirus software from the Clamav team. This software is used to detect Trojans, viruses, malware, and other malicious threats
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0465", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "clamav", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "0.103.2" }, { "model": "immunet", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.4.0" }, { "model": "advanced malware protection for endpoints", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.3.15" } ], "sources": [ { "db": "NVD", "id": "CVE-2021-1386" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Tomasz Kojm", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-439" } ], "trust": 0.6 }, "cve": "CVE-2021-1386", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CVE-2021-1386", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "VHN-374440", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2021-1386", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "ykramarz@cisco.com", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.0, "id": "CVE-2021-1386", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-1386", "trust": 1.0, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2021-1386", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-439", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-374440", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-1386", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-374440" }, { "db": "VULMON", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-439" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "NVD", "id": "CVE-2021-1386" }, { "db": "NVD", "id": "CVE-2021-1386" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is due to insufficient validation of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on an affected system. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. ClamAV (Clam AntiVirus) is a set of free and open source antivirus software from the Clamav team. This software is used to detect Trojans, viruses, malware, and other malicious threats", "sources": [ { "db": "NVD", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULHUB", "id": "VHN-374440" }, { "db": "VULMON", "id": "CVE-2021-1386" } ], "trust": 1.62 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-1386", "trust": 1.8 }, { "db": "PACKETSTORM", "id": "162121", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.1166", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021041368", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-439", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-374440", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-1386", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374440" }, { "db": "VULMON", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-439" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "NVD", "id": "CVE-2021-1386" } ] }, "id": "VAR-202104-0465", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-374440" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T19:29:26.926000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "ClamAV Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147021" }, { "title": "Debian CVElist Bug Report Logs: ClamAV 0.103.2 security patch release", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=720c0e9e7dda9bfb798ad333a90ddef1" }, { "title": "Cisco: Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-amp-imm-dll-tu79hvkO" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-439" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-427", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374440" }, { "db": "NVD", "id": "CVE-2021-1386" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-amp-imm-dll-tu79hvko" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/clamav-for-windows-executing-dll-code-35022" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1386" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/162121/clam-antivirus-toolkit-0.103.2.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.1166" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041368" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/427.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622" } ], "sources": [ { "db": "VULHUB", "id": "VHN-374440" }, { "db": "VULMON", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-439" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "NVD", "id": "CVE-2021-1386" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-374440" }, { "db": "VULMON", "id": "CVE-2021-1386" }, { "db": "CNNVD", "id": "CNNVD-202104-439" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "NVD", "id": "CVE-2021-1386" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-04-08T00:00:00", "db": "VULHUB", "id": "VHN-374440" }, { "date": "2021-04-08T00:00:00", "db": "VULMON", "id": "CVE-2021-1386" }, { "date": "2021-04-07T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-439" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-04-08T04:15:12.343000", "db": "NVD", "id": "CVE-2021-1386" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-04-19T00:00:00", "db": "VULHUB", "id": "VHN-374440" }, { "date": "2021-04-19T00:00:00", "db": "VULMON", "id": "CVE-2021-1386" }, { "date": "2021-04-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-439" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2024-11-21T05:44:14.060000", "db": "NVD", "id": "CVE-2021-1386" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-439" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ClamAV Code problem vulnerability", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-439" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-439" } ], "trust": 0.6 } }
var-201606-0327
Vulnerability from variot
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. This issue is fixed in: Cisco ClamAV 0.99 Cisco Email Security Appliance 9.7.0-125 Cisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. =========================================================================== Ubuntu Security Notice USN-3093-1 September 28, 2016
clamav vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
ClamAV could be made to crash or run programs if it processed a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
It was discovered that ClamAV incorrectly handled certain malformed files.
In the default installation, attackers would be isolated by the ClamAV AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: clamav 0.99.2+dfsg-0ubuntu0.16.04.1
Ubuntu 14.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.14.04.1
Ubuntu 12.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3093-1 CVE-2016-1371, CVE-2016-1372, CVE-2016-1405
Package Information: https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0327", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "clamav", "scope": null, "trust": 1.4, "vendor": "clamav", "version": null }, { "model": "web security appliance", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "8.8.0-085" }, { "model": "email security appliance", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "9.6.0-042" }, { "model": "web security appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.1.0-070" }, { "model": "web security appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.5.0-284" }, { "model": "clamav", "scope": "eq", "trust": 1.0, "vendor": "clamav", "version": "*" }, { "model": "web security the appliance", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "9.1.x" }, { "model": "web security the appliance", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "9.1.1-041" }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "16.04" }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.04" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.7" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.5" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5.1" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.4" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.3" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.2" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.1" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.0" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.8" }, { "model": "web security appliance 8.7.0-171-ld", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.7" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.6" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.3-051" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.2-004" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.1-021" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.0.000" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.0-497" }, { "model": "web security appliance hot patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.51" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.1.0-235" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.1" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.8-113" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.7-151" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.7-142" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.6-115" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.6-078" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.6-073" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.6" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7.0-757" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7.0-725" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7.0-602" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7.0-550" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.7" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5.1-201" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5.0-838" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.4-101" }, { "model": "web security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.3-013" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.2" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6.2" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5.2" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.3.2" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.3.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.3" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.5" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.4" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.3" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.2" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.6.0-051" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.6.0-046" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.6" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.5.0-201" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.5" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.1.1-023" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.1.0-032" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.1" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.0.0-461" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "9.0" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.7-043" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.7-042" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.6-074" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.6-073" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5.6-106" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.5" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "8.0.1-023" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.8" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.6.3-019" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.1.5-106" }, { "model": "email security appliance", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.3.1-09" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.98.7" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.98.5" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.98.4" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.98" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.97.8" }, { "model": "clamav", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0.98.6" }, { "model": "web security appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9.1.1-041" }, { "model": "web security appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9.0.1-135" }, { "model": "email security appliance", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "9.7.0-125" }, { "model": "clamav", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "0.99" } ], "sources": [ { "db": "BID", "id": "90968" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "CNNVD", "id": "CNNVD-201605-717" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:clamav:clamav", "vulnerable": true }, { "cpe22Uri": "cpe:/h:cisco:email_security_appliance", "vulnerable": true }, { "cpe22Uri": "cpe:/h:cisco:web_security_appliance", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003096" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "90968" } ], "trust": 0.3 }, "cve": "CVE-2016-1405", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2016-1405", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-90224", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2016-1405", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-1405", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2016-1405", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201605-717", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-90224", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-90224" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "CNNVD", "id": "CNNVD-201605-717" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. \nThis issue is fixed in:\nCisco ClamAV 0.99\nCisco Email Security Appliance 9.7.0-125\nCisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. \n===========================================================================\nUbuntu Security Notice USN-3093-1\nSeptember 28, 2016\n\nclamav vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nClamAV could be made to crash or run programs if it processed a specially\ncrafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nIt was discovered that ClamAV incorrectly handled certain malformed files. \n\nIn the default installation, attackers would be isolated by the ClamAV\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n clamav 0.99.2+dfsg-0ubuntu0.16.04.1\n\nUbuntu 14.04 LTS:\n clamav 0.99.2+addedllvm-0ubuntu0.14.04.1\n\nUbuntu 12.04 LTS:\n clamav 0.99.2+addedllvm-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n http://www.ubuntu.com/usn/usn-3093-1\n CVE-2016-1371, CVE-2016-1372, CVE-2016-1405\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1\n https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1\n\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2016-1405" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "BID", "id": "90968" }, { "db": "VULHUB", "id": "VHN-90224" }, { "db": "PACKETSTORM", "id": "138895" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-1405", "trust": 2.9 }, { "db": "BID", "id": "90968", "trust": 1.4 }, { "db": "SECTRACK", "id": "1035994", "trust": 1.1 }, { "db": "SECTRACK", "id": "1035993", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2016-003096", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201605-717", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2016.1376", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-90224", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "138895", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-90224" }, { "db": "BID", "id": "90968" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "PACKETSTORM", "id": "138895" }, { "db": "CNNVD", "id": "CNNVD-201605-717" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "id": "VAR-201606-0327", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-90224" } ], "trust": 0.54899413 }, "last_update_date": "2024-11-23T22:26:55.526000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20160531-wsa-esa", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa" }, { "title": "ChangeLog", "trust": 0.8, "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog" }, { "title": "Cisco Advance Malware Protection for Email Security Appliance and Web Security Appliance Clam AntiVirus Remediation measures for denial of service vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62025" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "CNNVD", "id": "CNNVD-201605-717" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-90224" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160531-wsa-esa" }, { "trust": 1.7, "url": "https://github.com/vrtadmin/clamav-devel/blob/master/changelog" }, { "trust": 1.2, "url": "http://www.ubuntu.com/usn/usn-3093-1" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/90968" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1035993" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1035994" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1405" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1405" }, { "trust": 0.6, "url": "http://www.auscert.org.au/./render.html?it=35274" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1371" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1372" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1405" } ], "sources": [ { "db": "VULHUB", "id": "VHN-90224" }, { "db": "BID", "id": "90968" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "PACKETSTORM", "id": "138895" }, { "db": "CNNVD", "id": "CNNVD-201605-717" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-90224" }, { "db": "BID", "id": "90968" }, { "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "db": "PACKETSTORM", "id": "138895" }, { "db": "CNNVD", "id": "CNNVD-201605-717" }, { "db": "NVD", "id": "CVE-2016-1405" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-06-08T00:00:00", "db": "VULHUB", "id": "VHN-90224" }, { "date": "2016-05-31T00:00:00", "db": "BID", "id": "90968" }, { "date": "2016-06-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "date": "2016-09-29T04:25:18", "db": "PACKETSTORM", "id": "138895" }, { "date": "2016-05-31T00:00:00", "db": "CNNVD", "id": "CNNVD-201605-717" }, { "date": "2016-06-08T14:59:12.827000", "db": "NVD", "id": "CVE-2016-1405" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-28T00:00:00", "db": "VULHUB", "id": "VHN-90224" }, { "date": "2016-10-03T09:01:00", "db": "BID", "id": "90968" }, { "date": "2016-06-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003096" }, { "date": "2016-06-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201605-717" }, { "date": "2024-11-21T02:46:22.860000", "db": "NVD", "id": "CVE-2016-1405" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "138895" }, { "db": "CNNVD", "id": "CNNVD-201605-717" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco E Email Security Appliance and Web Security Used by appliance devices ClamAV Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003096" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201605-717" } ], "trust": 0.6 } }