Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-9050 (GCVE-0-2014-9050)
Vulnerability from cvelistv5 – Published: 2014-12-01 15:00 – Updated: 2024-08-06 13:33
VLAI?
EPSS
Summary
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Date Public ?
2014-11-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:13.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-28T13:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2014:1560",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:1560",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62542"
},
{
"name": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9050",
"datePublished": "2014-12-01T15:00:00.000Z",
"dateReserved": "2014-11-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:33:13.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.94.3\", \"matchCriteriaId\": \"DB90B433-1628-4D60-A48B-FBA140542E0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68EC0AEB-91CF-4A79-AF40-A475E896FB45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5935EDE0-9203-4150-9B7A-AB10B377F9F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59C2680C-C187-487A-B6C4-F509E0C52436\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A796E5E1-6481-49EF-8D97-9EC2A01C712B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"812B11BD-344F-40DC-9996-0CBB4BB143B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E951B4D-F244-43A4-9593-B8B975D16C39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22958219-46D6-4868-B324-BFC2F2C893F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4543DDEE-C1D1-428F-91C7-98B8985A5931\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FED760C-7106-49CE-B4FE-CA53A1092C14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"821EF522-A058-4509-A4CB-E9B800E83EFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*\", \"matchCriteriaId\": \"CABA4177-6B24-4364-BC34-D5ED171E60FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F488ACB2-A013-4BF3-B5AC-897E40BA87F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D5799FA-DD99-4A35-BC56-B2FBEB747226\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F32EA99F-088E-499E-9DCE-EFA9A64D1673\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B04C5B-316D-4C6A-96CF-F145F7C9E636\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E66D5CDE-ED5D-41BA-A4B1-28E8559EC056\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20769174-C51F-47D5-A34F-EB772F542A57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"721B8B46-DFD9-4937-96A3-8D731304415B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDF18A59-FB30-45C6-B28E-4499DCD78F42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B28E0BE-1E2D-45D2-B483-2D81326BF482\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7029650-6DF1-4616-BE9F-DE40E9BBE3A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F47FD5DF-F22E-4B78-9B92-A9C41950F836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1F9571F-9192-414F-B680-10A22C71CFDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7CAC876-9AAC-407C-A34E-98AA6801D25F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"470FC8FE-785A-4934-8989-D17C1796870E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79A6C0FE-2EED-447D-9F62-12CFF1E0918A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0928E05F-92E7-4451-AC11-4E6A014E1154\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2E7A70A-3584-4259-80CA-03AE290ABAE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24AF81C1-5B68-4D84-AFB9-C0419B7F98D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D27D70A0-EC82-4DC7-A66D-60D263B76E37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*\", \"matchCriteriaId\": \"28C9C5AD-97A9-42C8-917C-2787785F5BEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4AB3389-1C30-47BB-9DAE-0F744E7F8877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD4D3D3E-067B-4A37-A851-99D2A3E20FC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DA837A0-C8CB-486B-845E-A370E3137697\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"235A144A-4AB1-4756-AFB1-58AFFE02649E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"767BBE7F-6CC4-42D4-9730-6E617D36AAE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EA7CD6A-133F-48E4-87BC-77CF21A25940\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F65A7930-A913-4C3D-95A3-E629D6A468C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*\", \"matchCriteriaId\": \"05D1FAF4-B4F8-446F-88C3-01289C01DB8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"342A854F-0942-4A3E-AF08-BD41D8F453DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB0958CD-187F-4DD0-A31B-5002861F6326\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C24942D-7AD6-4391-8F05-2827AB6A751E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BABA6024-1769-44D9-BF20-215602980A89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA719FE4-04E0-4664-8EEC-70CD613408DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F7364D6-36F6-4615-95F0-E0B56722DAAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C859F864-B68F-4805-B804-E50F2C3FFE8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5CAFEA5-C062-43EA-A302-38887DA6768C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"525DC218-308C-4A0E-96A7-DC74B8973B62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4969C16-F67D-4C30-A537-FE64F4CFC3D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0D72B20-1F61-4499-9ADE-88AF98C3C19C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72C71B82-8F84-4855-A138-7E7436788D69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"039341D8-8E2B-4901-BFA6-9CCC46A18C75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C048A75E-6587-485C-9F2B-E12BED34FF2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EC4D448-DDCD-4C0B-AA84-2D054FCF718C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B003639-3228-4AC1-AB46-73481BB5DDA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D6A495D-F9BB-41B9-A912-670D837EA278\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45F5E6B4-88DD-4426-9FB6-D9009F6B8740\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB1EB857-D417-49EB-89FD-04733C872EE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4551D5ED-6C72-4C9B-A556-491042A6113A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01859947-09D4-417E-92A4-FA4F1625C60D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"797B7A3B-BAEA-4868-BC3E-CE629FE151F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30337B76-E552-431F-B49C-A418E5B851A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53027413-3353-4051-88FA-A46859AD747A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"970D5900-7F83-4140-A3E4-FF4E710DBD2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA0D4F76-258B-4E5D-AA4D-8231E846C76F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2A669CC-C10F-4E74-ACD0-DF933D723EB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5180162-81FA-4605-B5B6-E01B312341EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9915D81-4A7C-4B22-86F7-369CF68A0F71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F2E0386-6A8E-4416-A4C6-139EB2CAD57D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"613E8544-7B2B-4FC5-AC60-190EC2D8025A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13E8E7E7-E29A-4539-8D8C-45B9C39B0146\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A966F2C4-47A0-445F-8927-0F0222A48FB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7681419E-5125-40D6-BE61-57CE9C8F3DB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CE0D056-B84F-4331-832C-5D1703A15A57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96A13543-D7E2-41D6-8E8E-BE150ECDAA75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27310591-C883-4929-824A-AE99E7592D3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2964A047-0277-4DA4-BDBE-3F5FC3C1F68E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E891471A-A0B8-4251-A6D3-60E947A18F70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A3340E5-36AF-4BFC-B6E8-13213EA6969F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D520BB1-7863-42B2-88D7-23C543A8F13C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0E6A5E0-66E0-4EA7-9007-2389179500C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED827D10-C862-4BC7-AB33-06E040DAE161\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51DC9827-D7D1-4D34-AA35-6A7BDB92907D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37A3B776-0096-41B7-8D2E-C6F0B4F37458\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5AAC04C-FFC7-45D8-A29C-6B258CD56489\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06278C4-328D-4D14-9BC1-DCA697EC9EDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A66094D-050A-405E-AB0F-239A39F64E43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B931BDB2-DBE4-4983-ABFB-86941CDD14F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8FA4A86-C015-4F1F-B565-89410E70D053\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0722860E-934A-49CA-BEAD-0EB05AA6E4C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.\"}, {\"lang\": \"es\", \"value\": \"El desbordamiento de b\\u00fafer en la regi\\u00f3n heap de la memoria en la funci\\u00f3n cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versi\\u00f3n 0.98.5, permite a los atacantes remotos causar una denegaci\\u00f3n de servicio (bloqueo) por medio de un archivo y0da Crypter PE dise\\u00f1ado.\"}]",
"id": "CVE-2014-9050",
"lastModified": "2024-11-21T02:20:10.553",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2014-12-01T15:59:10.797",
"references": "[{\"url\": \"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/59645\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/62542\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/11/22/1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/71242\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1031268\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2423-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/59645\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/62542\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2014/11/22/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/71242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1031268\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2423-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2014-9050\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-12-01T15:59:10.797\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.\"},{\"lang\":\"es\",\"value\":\"El desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versi\u00f3n 0.98.5, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo y0da Crypter PE dise\u00f1ado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.94.3\",\"matchCriteriaId\":\"DB90B433-1628-4D60-A48B-FBA140542E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EC0AEB-91CF-4A79-AF40-A475E896FB45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5935EDE0-9203-4150-9B7A-AB10B377F9F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59C2680C-C187-487A-B6C4-F509E0C52436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A796E5E1-6481-49EF-8D97-9EC2A01C712B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"812B11BD-344F-40DC-9996-0CBB4BB143B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E951B4D-F244-43A4-9593-B8B975D16C39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22958219-46D6-4868-B324-BFC2F2C893F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4543DDEE-C1D1-428F-91C7-98B8985A5931\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FED760C-7106-49CE-B4FE-CA53A1092C14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821EF522-A058-4509-A4CB-E9B800E83EFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*\",\"matchCriteriaId\":\"CABA4177-6B24-4364-BC34-D5ED171E60FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F488ACB2-A013-4BF3-B5AC-897E40BA87F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D5799FA-DD99-4A35-BC56-B2FBEB747226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32EA99F-088E-499E-9DCE-EFA9A64D1673\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B04C5B-316D-4C6A-96CF-F145F7C9E636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E66D5CDE-ED5D-41BA-A4B1-28E8559EC056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20769174-C51F-47D5-A34F-EB772F542A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"721B8B46-DFD9-4937-96A3-8D731304415B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDF18A59-FB30-45C6-B28E-4499DCD78F42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B28E0BE-1E2D-45D2-B483-2D81326BF482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7029650-6DF1-4616-BE9F-DE40E9BBE3A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F47FD5DF-F22E-4B78-9B92-A9C41950F836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F9571F-9192-414F-B680-10A22C71CFDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7CAC876-9AAC-407C-A34E-98AA6801D25F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"470FC8FE-785A-4934-8989-D17C1796870E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A6C0FE-2EED-447D-9F62-12CFF1E0918A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0928E05F-92E7-4451-AC11-4E6A014E1154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E7A70A-3584-4259-80CA-03AE290ABAE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24AF81C1-5B68-4D84-AFB9-C0419B7F98D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D27D70A0-EC82-4DC7-A66D-60D263B76E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"28C9C5AD-97A9-42C8-917C-2787785F5BEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4AB3389-1C30-47BB-9DAE-0F744E7F8877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD4D3D3E-067B-4A37-A851-99D2A3E20FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DA837A0-C8CB-486B-845E-A370E3137697\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"235A144A-4AB1-4756-AFB1-58AFFE02649E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"767BBE7F-6CC4-42D4-9730-6E617D36AAE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EA7CD6A-133F-48E4-87BC-77CF21A25940\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F65A7930-A913-4C3D-95A3-E629D6A468C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D1FAF4-B4F8-446F-88C3-01289C01DB8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"342A854F-0942-4A3E-AF08-BD41D8F453DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0958CD-187F-4DD0-A31B-5002861F6326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C24942D-7AD6-4391-8F05-2827AB6A751E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BABA6024-1769-44D9-BF20-215602980A89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA719FE4-04E0-4664-8EEC-70CD613408DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F7364D6-36F6-4615-95F0-E0B56722DAAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C859F864-B68F-4805-B804-E50F2C3FFE8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5CAFEA5-C062-43EA-A302-38887DA6768C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"525DC218-308C-4A0E-96A7-DC74B8973B62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4969C16-F67D-4C30-A537-FE64F4CFC3D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D72B20-1F61-4499-9ADE-88AF98C3C19C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72C71B82-8F84-4855-A138-7E7436788D69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"039341D8-8E2B-4901-BFA6-9CCC46A18C75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C048A75E-6587-485C-9F2B-E12BED34FF2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EC4D448-DDCD-4C0B-AA84-2D054FCF718C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B003639-3228-4AC1-AB46-73481BB5DDA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D6A495D-F9BB-41B9-A912-670D837EA278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45F5E6B4-88DD-4426-9FB6-D9009F6B8740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB1EB857-D417-49EB-89FD-04733C872EE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4551D5ED-6C72-4C9B-A556-491042A6113A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01859947-09D4-417E-92A4-FA4F1625C60D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"797B7A3B-BAEA-4868-BC3E-CE629FE151F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30337B76-E552-431F-B49C-A418E5B851A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53027413-3353-4051-88FA-A46859AD747A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"970D5900-7F83-4140-A3E4-FF4E710DBD2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA0D4F76-258B-4E5D-AA4D-8231E846C76F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2A669CC-C10F-4E74-ACD0-DF933D723EB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5180162-81FA-4605-B5B6-E01B312341EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9915D81-4A7C-4B22-86F7-369CF68A0F71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F2E0386-6A8E-4416-A4C6-139EB2CAD57D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"613E8544-7B2B-4FC5-AC60-190EC2D8025A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13E8E7E7-E29A-4539-8D8C-45B9C39B0146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A966F2C4-47A0-445F-8927-0F0222A48FB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7681419E-5125-40D6-BE61-57CE9C8F3DB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CE0D056-B84F-4331-832C-5D1703A15A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96A13543-D7E2-41D6-8E8E-BE150ECDAA75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27310591-C883-4929-824A-AE99E7592D3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2964A047-0277-4DA4-BDBE-3F5FC3C1F68E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E891471A-A0B8-4251-A6D3-60E947A18F70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3340E5-36AF-4BFC-B6E8-13213EA6969F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D520BB1-7863-42B2-88D7-23C543A8F13C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0E6A5E0-66E0-4EA7-9007-2389179500C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED827D10-C862-4BC7-AB33-06E040DAE161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51DC9827-D7D1-4D34-AA35-6A7BDB92907D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37A3B776-0096-41B7-8D2E-C6F0B4F37458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AAC04C-FFC7-45D8-A29C-6B258CD56489\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06278C4-328D-4D14-9BC1-DCA697EC9EDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A66094D-050A-405E-AB0F-239A39F64E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B931BDB2-DBE4-4983-ABFB-86941CDD14F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8FA4A86-C015-4F1F-B565-89410E70D053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0722860E-934A-49CA-BEAD-0EB05AA6E4C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E\"}]}]}],\"references\":[{\"url\":\"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/59645\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/62542\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/11/22/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/71242\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1031268\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2423-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59645\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62542\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/11/22/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/71242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1031268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2423-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
}
}
GSD-2014-9050
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-9050",
"description": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"id": "GSD-2014-9050",
"references": [
"https://www.suse.com/security/cve/CVE-2014-9050.html",
"https://ubuntu.com/security/CVE-2014-9050",
"https://advisories.mageia.org/CVE-2014-9050.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-9050"
],
"details": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"id": "GSD-2014-9050",
"modified": "2023-12-13T01:22:48.738160Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:1560",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "71242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "62542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62542"
},
{
"name": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "59645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59645"
},
{
"name": "USN-2423-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.94.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9050"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59645",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/59645"
},
{
"name": "62542",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/62542"
},
{
"name": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"name": "71242",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/71242"
},
{
"name": "FEDORA-2014-15463",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e",
"refsource": "CONFIRM",
"tags": [
"Exploit"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "USN-2423-1",
"refsource": "UBUNTU",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "SUSE-SU-2014:1574",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"name": "openSUSE-SU-2014:1560",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"name": "SUSE-SU-2014:1571",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"name": "1031268",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1031268"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2015-04-30T02:01Z",
"publishedDate": "2014-12-01T15:59Z"
}
}
}
SUSE-SU-2015:0871-1
Vulnerability from csaf_suse - Published: 2014-05-28 15:49 - Updated: 2014-05-28 15:49Summary
Recommended update for clamav
Severity
Moderate
Notes
Title of the patch: Recommended update for clamav
Description of the patch:
The antivirus scanner ClamAV has been updated to version 0.98.3, which
includes the following fixes and enhancements:
* Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.
* All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,
clamdtop) now support IPV6 addresses and configuration parameters.
* Use OpenSSL file hash functions for improved performance.
* Improved detection of malware scripts within image files.
* Miscellaneous bug fixes and documentation improvements.
Patchnames: sledsp3-clamav,slessp3-clamav
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for clamav",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe antivirus scanner ClamAV has been updated to version 0.98.3, which \nincludes the following fixes and enhancements:\n\n * Support for common raw disk image formats using 512 byte sectors,\n specifically GPT, APM, and MBR partitioning.\n * All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,\n clamdtop) now support IPV6 addresses and configuration parameters.\n * Use OpenSSL file hash functions for improved performance.\n * Improved detection of malware scripts within image files.\n * Miscellaneous bug fixes and documentation improvements.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sledsp3-clamav,slessp3-clamav",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0871-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0871-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150871-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0871-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-May/001382.html"
},
{
"category": "self",
"summary": "SUSE Bug 816865",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "self",
"summary": "SUSE Bug 841815",
"url": "https://bugzilla.suse.com/841815"
},
{
"category": "self",
"summary": "SUSE Bug 865883",
"url": "https://bugzilla.suse.com/865883"
},
{
"category": "self",
"summary": "SUSE Bug 877475",
"url": "https://bugzilla.suse.com/877475"
},
{
"category": "self",
"summary": "SUSE Bug 903489",
"url": "https://bugzilla.suse.com/903489"
},
{
"category": "self",
"summary": "SUSE Bug 903719",
"url": "https://bugzilla.suse.com/903719"
},
{
"category": "self",
"summary": "SUSE Bug 904207",
"url": "https://bugzilla.suse.com/904207"
},
{
"category": "self",
"summary": "SUSE Bug 906077",
"url": "https://bugzilla.suse.com/906077"
},
{
"category": "self",
"summary": "SUSE Bug 906770",
"url": "https://bugzilla.suse.com/906770"
},
{
"category": "self",
"summary": "SUSE Bug 915512",
"url": "https://bugzilla.suse.com/915512"
},
{
"category": "self",
"summary": "SUSE Bug 916214",
"url": "https://bugzilla.suse.com/916214"
},
{
"category": "self",
"summary": "SUSE Bug 916215",
"url": "https://bugzilla.suse.com/916215"
},
{
"category": "self",
"summary": "SUSE Bug 916217",
"url": "https://bugzilla.suse.com/916217"
},
{
"category": "self",
"summary": "SUSE Bug 929192",
"url": "https://bugzilla.suse.com/929192"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2020 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2021 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6497 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9050 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9328 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1461 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1462 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1463 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2170 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2222 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2305 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2668 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2668/"
}
],
"title": "Recommended update for clamav",
"tracking": {
"current_release_date": "2014-05-28T15:49:37Z",
"generator": {
"date": "2014-05-28T15:49:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0871-1",
"initial_release_date": "2014-05-28T15:49:37Z",
"revision_history": [
{
"date": "2014-05-28T15:49:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.i586",
"product": {
"name": "clamav-0.98.3-0.11.1.i586",
"product_id": "clamav-0.98.3-0.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.ia64",
"product": {
"name": "clamav-0.98.3-0.11.1.ia64",
"product_id": "clamav-0.98.3-0.11.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.ppc64",
"product": {
"name": "clamav-0.98.3-0.11.1.ppc64",
"product_id": "clamav-0.98.3-0.11.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.s390x",
"product": {
"name": "clamav-0.98.3-0.11.1.s390x",
"product_id": "clamav-0.98.3-0.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.x86_64",
"product": {
"name": "clamav-0.98.3-0.11.1.x86_64",
"product_id": "clamav-0.98.3-0.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-2020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2020"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2020",
"url": "https://www.suse.com/security/cve/CVE-2013-2020"
},
{
"category": "external",
"summary": "SUSE Bug 816865 for CVE-2013-2020",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "external",
"summary": "SUSE Bug 899395 for CVE-2013-2020",
"url": "https://bugzilla.suse.com/899395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-2020"
},
{
"cve": "CVE-2013-2021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2021"
}
],
"notes": [
{
"category": "general",
"text": "pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2021",
"url": "https://www.suse.com/security/cve/CVE-2013-2021"
},
{
"category": "external",
"summary": "SUSE Bug 816865 for CVE-2013-2021",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "external",
"summary": "SUSE Bug 899395 for CVE-2013-2021",
"url": "https://bugzilla.suse.com/899395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-2021"
},
{
"cve": "CVE-2013-6497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6497"
}
],
"notes": [
{
"category": "general",
"text": "clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6497",
"url": "https://www.suse.com/security/cve/CVE-2013-6497"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2013-6497",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 906077 for CVE-2013-6497",
"url": "https://bugzilla.suse.com/906077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-6497"
},
{
"cve": "CVE-2014-9050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9050"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9050",
"url": "https://www.suse.com/security/cve/CVE-2014-9050"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 906770 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/906770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2014-9050"
},
{
"cve": "CVE-2014-9328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9328"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9328",
"url": "https://www.suse.com/security/cve/CVE-2014-9328"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2014-9328",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 915512 for CVE-2014-9328",
"url": "https://bugzilla.suse.com/915512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2014-9328"
},
{
"cve": "CVE-2015-1461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1461"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda\u0027s crypter or (2) mew packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1461",
"url": "https://www.suse.com/security/cve/CVE-2015-1461"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1461",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916217 for CVE-2015-1461",
"url": "https://bugzilla.suse.com/916217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2015-1461"
},
{
"cve": "CVE-2015-1462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1462"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1462",
"url": "https://www.suse.com/security/cve/CVE-2015-1462"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1462",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916214 for CVE-2015-1462",
"url": "https://bugzilla.suse.com/916214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2015-1462"
},
{
"cve": "CVE-2015-1463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1463"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an \"incorrect compiler optimization.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1463",
"url": "https://www.suse.com/security/cve/CVE-2015-1463"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1463",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916215 for CVE-2015-1463",
"url": "https://bugzilla.suse.com/916215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-1463"
},
{
"cve": "CVE-2015-2170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2170"
}
],
"notes": [
{
"category": "general",
"text": "The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2170",
"url": "https://www.suse.com/security/cve/CVE-2015-2170"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2170"
},
{
"cve": "CVE-2015-2221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2221"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2221",
"url": "https://www.suse.com/security/cve/CVE-2015-2221"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2221"
},
{
"cve": "CVE-2015-2222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2222"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2222",
"url": "https://www.suse.com/security/cve/CVE-2015-2222"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2222"
},
{
"cve": "CVE-2015-2305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2305"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2305",
"url": "https://www.suse.com/security/cve/CVE-2015-2305"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922022 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922022"
},
{
"category": "external",
"summary": "SUSE Bug 922028 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922028"
},
{
"category": "external",
"summary": "SUSE Bug 922030 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922030"
},
{
"category": "external",
"summary": "SUSE Bug 922043 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922043"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 922567 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922567"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/929192"
},
{
"category": "external",
"summary": "SUSE Bug 980366 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/980366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2305"
},
{
"cve": "CVE-2015-2668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2668"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2668",
"url": "https://www.suse.com/security/cve/CVE-2015-2668"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2668"
}
]
}
SUSE-SU-2015:0298-1
Vulnerability from csaf_suse - Published: 2014-05-28 15:49 - Updated: 2014-05-28 15:49Summary
Recommended update for clamav
Severity
Moderate
Notes
Title of the patch: Recommended update for clamav
Description of the patch:
The antivirus scanner ClamAV has been updated to version 0.98.3, which
includes the following fixes and enhancements:
* Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.
* All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,
clamdtop) now support IPV6 addresses and configuration parameters.
* Use OpenSSL file hash functions for improved performance.
* Improved detection of malware scripts within image files.
* Miscellaneous bug fixes and documentation improvements.
Patchnames: sledsp3-clamav,slessp1-clamav,slessp2-clamav,slessp3-clamav
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for clamav",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe antivirus scanner ClamAV has been updated to version 0.98.3, which \nincludes the following fixes and enhancements:\n\n * Support for common raw disk image formats using 512 byte sectors,\n specifically GPT, APM, and MBR partitioning.\n * All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan,\n clamdtop) now support IPV6 addresses and configuration parameters.\n * Use OpenSSL file hash functions for improved performance.\n * Improved detection of malware scripts within image files.\n * Miscellaneous bug fixes and documentation improvements.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sledsp3-clamav,slessp1-clamav,slessp2-clamav,slessp3-clamav",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0298-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0298-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150298-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0298-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-February/001230.html"
},
{
"category": "self",
"summary": "SUSE Bug 816865",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "self",
"summary": "SUSE Bug 841815",
"url": "https://bugzilla.suse.com/841815"
},
{
"category": "self",
"summary": "SUSE Bug 865883",
"url": "https://bugzilla.suse.com/865883"
},
{
"category": "self",
"summary": "SUSE Bug 877475",
"url": "https://bugzilla.suse.com/877475"
},
{
"category": "self",
"summary": "SUSE Bug 903489",
"url": "https://bugzilla.suse.com/903489"
},
{
"category": "self",
"summary": "SUSE Bug 903719",
"url": "https://bugzilla.suse.com/903719"
},
{
"category": "self",
"summary": "SUSE Bug 904207",
"url": "https://bugzilla.suse.com/904207"
},
{
"category": "self",
"summary": "SUSE Bug 906077",
"url": "https://bugzilla.suse.com/906077"
},
{
"category": "self",
"summary": "SUSE Bug 906770",
"url": "https://bugzilla.suse.com/906770"
},
{
"category": "self",
"summary": "SUSE Bug 915512",
"url": "https://bugzilla.suse.com/915512"
},
{
"category": "self",
"summary": "SUSE Bug 916214",
"url": "https://bugzilla.suse.com/916214"
},
{
"category": "self",
"summary": "SUSE Bug 916215",
"url": "https://bugzilla.suse.com/916215"
},
{
"category": "self",
"summary": "SUSE Bug 916217",
"url": "https://bugzilla.suse.com/916217"
},
{
"category": "self",
"summary": "SUSE Bug 929192",
"url": "https://bugzilla.suse.com/929192"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2020 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-2021 page",
"url": "https://www.suse.com/security/cve/CVE-2013-2021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6497 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9050 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9328 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1461 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1462 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1463 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2170 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2222 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2305 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2668 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2668/"
}
],
"title": "Recommended update for clamav",
"tracking": {
"current_release_date": "2014-05-28T15:49:37Z",
"generator": {
"date": "2014-05-28T15:49:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0298-1",
"initial_release_date": "2014-05-28T15:49:37Z",
"revision_history": [
{
"date": "2014-05-28T15:49:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.i586",
"product": {
"name": "clamav-0.98.3-0.11.1.i586",
"product_id": "clamav-0.98.3-0.11.1.i586"
}
},
{
"category": "product_version",
"name": "clamav-0.97.8-0.2.1.i586",
"product": {
"name": "clamav-0.97.8-0.2.1.i586",
"product_id": "clamav-0.97.8-0.2.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.97.8-0.2.1.ia64",
"product": {
"name": "clamav-0.97.8-0.2.1.ia64",
"product_id": "clamav-0.97.8-0.2.1.ia64"
}
},
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.ia64",
"product": {
"name": "clamav-0.98.3-0.11.1.ia64",
"product_id": "clamav-0.98.3-0.11.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.97.8-0.2.1.ppc64",
"product": {
"name": "clamav-0.97.8-0.2.1.ppc64",
"product_id": "clamav-0.97.8-0.2.1.ppc64"
}
},
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.ppc64",
"product": {
"name": "clamav-0.98.3-0.11.1.ppc64",
"product_id": "clamav-0.98.3-0.11.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.s390x",
"product": {
"name": "clamav-0.98.3-0.11.1.s390x",
"product_id": "clamav-0.98.3-0.11.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-0.97.8-0.2.1.s390x",
"product": {
"name": "clamav-0.97.8-0.2.1.s390x",
"product_id": "clamav-0.97.8-0.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-0.98.3-0.11.1.x86_64",
"product": {
"name": "clamav-0.98.3-0.11.1.x86_64",
"product_id": "clamav-0.98.3-0.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-0.97.8-0.2.1.x86_64",
"product": {
"name": "clamav-0.97.8-0.2.1.x86_64",
"product_id": "clamav-0.97.8-0.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp1:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3",
"product_id": "SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP1-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP1-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586"
},
"product_reference": "clamav-0.97.8-0.2.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64"
},
"product_reference": "clamav-0.97.8-0.2.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64"
},
"product_reference": "clamav-0.97.8-0.2.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x"
},
"product_reference": "clamav-0.97.8-0.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2",
"product_id": "SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64"
},
"product_reference": "clamav-0.97.8-0.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586"
},
"product_reference": "clamav-0.97.8-0.2.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64"
},
"product_reference": "clamav-0.97.8-0.2.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64"
},
"product_reference": "clamav-0.97.8-0.2.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x"
},
"product_reference": "clamav-0.97.8-0.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64"
},
"product_reference": "clamav-0.97.8-0.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586"
},
"product_reference": "clamav-0.97.8-0.2.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64"
},
"product_reference": "clamav-0.97.8-0.2.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64"
},
"product_reference": "clamav-0.97.8-0.2.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x"
},
"product_reference": "clamav-0.97.8-0.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.97.8-0.2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64"
},
"product_reference": "clamav-0.97.8-0.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586"
},
"product_reference": "clamav-0.98.3-0.11.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64"
},
"product_reference": "clamav-0.98.3-0.11.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64"
},
"product_reference": "clamav-0.98.3-0.11.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x"
},
"product_reference": "clamav-0.98.3-0.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-0.98.3-0.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
},
"product_reference": "clamav-0.98.3-0.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-2020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2020"
}
],
"notes": [
{
"category": "general",
"text": "Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2020",
"url": "https://www.suse.com/security/cve/CVE-2013-2020"
},
{
"category": "external",
"summary": "SUSE Bug 816865 for CVE-2013-2020",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "external",
"summary": "SUSE Bug 899395 for CVE-2013-2020",
"url": "https://bugzilla.suse.com/899395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-2020"
},
{
"cve": "CVE-2013-2021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-2021"
}
],
"notes": [
{
"category": "general",
"text": "pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-2021",
"url": "https://www.suse.com/security/cve/CVE-2013-2021"
},
{
"category": "external",
"summary": "SUSE Bug 816865 for CVE-2013-2021",
"url": "https://bugzilla.suse.com/816865"
},
{
"category": "external",
"summary": "SUSE Bug 899395 for CVE-2013-2021",
"url": "https://bugzilla.suse.com/899395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-2021"
},
{
"cve": "CVE-2013-6497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6497"
}
],
"notes": [
{
"category": "general",
"text": "clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6497",
"url": "https://www.suse.com/security/cve/CVE-2013-6497"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2013-6497",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 906077 for CVE-2013-6497",
"url": "https://bugzilla.suse.com/906077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2013-6497"
},
{
"cve": "CVE-2014-9050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9050"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9050",
"url": "https://www.suse.com/security/cve/CVE-2014-9050"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 906770 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/906770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2014-9050"
},
{
"cve": "CVE-2014-9328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9328"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9328",
"url": "https://www.suse.com/security/cve/CVE-2014-9328"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2014-9328",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 915512 for CVE-2014-9328",
"url": "https://bugzilla.suse.com/915512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2014-9328"
},
{
"cve": "CVE-2015-1461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1461"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda\u0027s crypter or (2) mew packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1461",
"url": "https://www.suse.com/security/cve/CVE-2015-1461"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1461",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916217 for CVE-2015-1461",
"url": "https://bugzilla.suse.com/916217"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2015-1461"
},
{
"cve": "CVE-2015-1462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1462"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a \"heap out of bounds condition.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1462",
"url": "https://www.suse.com/security/cve/CVE-2015-1462"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1462",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916214 for CVE-2015-1462",
"url": "https://bugzilla.suse.com/916214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "important"
}
],
"title": "CVE-2015-1462"
},
{
"cve": "CVE-2015-1463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1463"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an \"incorrect compiler optimization.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1463",
"url": "https://www.suse.com/security/cve/CVE-2015-1463"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-1463",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 916215 for CVE-2015-1463",
"url": "https://bugzilla.suse.com/916215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-1463"
},
{
"cve": "CVE-2015-2170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2170"
}
],
"notes": [
{
"category": "general",
"text": "The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2170",
"url": "https://www.suse.com/security/cve/CVE-2015-2170"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2170",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2170"
},
{
"cve": "CVE-2015-2221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2221"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2221",
"url": "https://www.suse.com/security/cve/CVE-2015-2221"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2221",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2221"
},
{
"cve": "CVE-2015-2222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2222"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2222",
"url": "https://www.suse.com/security/cve/CVE-2015-2222"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2222",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2222"
},
{
"cve": "CVE-2015-2305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2305"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2305",
"url": "https://www.suse.com/security/cve/CVE-2015-2305"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922022 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922022"
},
{
"category": "external",
"summary": "SUSE Bug 922028 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922028"
},
{
"category": "external",
"summary": "SUSE Bug 922030 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922030"
},
{
"category": "external",
"summary": "SUSE Bug 922043 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922043"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 922567 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/922567"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/929192"
},
{
"category": "external",
"summary": "SUSE Bug 980366 for CVE-2015-2305",
"url": "https://bugzilla.suse.com/980366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2305"
},
{
"cve": "CVE-2015-2668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2668"
}
],
"notes": [
{
"category": "general",
"text": "ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2668",
"url": "https://www.suse.com/security/cve/CVE-2015-2668"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 921950 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/921950"
},
{
"category": "external",
"summary": "SUSE Bug 922560 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/922560"
},
{
"category": "external",
"summary": "SUSE Bug 929192 for CVE-2015-2668",
"url": "https://bugzilla.suse.com/929192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Desktop 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-LTSS:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP1-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server 11 SP3:clamav-0.98.3-0.11.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP2:clamav-0.97.8-0.2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:clamav-0.98.3-0.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2014-05-28T15:49:37Z",
"details": "moderate"
}
],
"title": "CVE-2015-2668"
}
]
}
GHSA-V57W-52FC-HJ8C
Vulnerability from github – Published: 2022-05-17 04:13 – Updated: 2022-05-17 04:13
VLAI?
Details
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
{
"affected": [],
"aliases": [
"CVE-2014-9050"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2014-12-01T15:59:00Z",
"severity": "MODERATE"
},
"details": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"id": "GHSA-v57w-52fc-hj8c",
"modified": "2022-05-17T04:13:39Z",
"published": "2022-05-17T04:13:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9050"
},
{
"type": "WEB",
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"type": "WEB",
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/59645"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/62542"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2014-9050
Vulnerability from fkie_nvd - Published: 2014-12-01 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html | Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html | ||
| cve@mitre.org | http://secunia.com/advisories/59645 | ||
| cve@mitre.org | http://secunia.com/advisories/62542 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/11/22/1 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/71242 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1031268 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2423-1 | Patch, Vendor Advisory | |
| cve@mitre.org | https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59645 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62542 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/11/22/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71242 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1031268 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2423-1 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| clamav | clamav | * | |
| clamav | clamav | 0.01 | |
| clamav | clamav | 0.02 | |
| clamav | clamav | 0.3 | |
| clamav | clamav | 0.03 | |
| clamav | clamav | 0.05 | |
| clamav | clamav | 0.8 | |
| clamav | clamav | 0.9 | |
| clamav | clamav | 0.10 | |
| clamav | clamav | 0.12 | |
| clamav | clamav | 0.13 | |
| clamav | clamav | 0.14 | |
| clamav | clamav | 0.14 | |
| clamav | clamav | 0.15 | |
| clamav | clamav | 0.20 | |
| clamav | clamav | 0.21 | |
| clamav | clamav | 0.22 | |
| clamav | clamav | 0.23 | |
| clamav | clamav | 0.24 | |
| clamav | clamav | 0.51 | |
| clamav | clamav | 0.52 | |
| clamav | clamav | 0.53 | |
| clamav | clamav | 0.54 | |
| clamav | clamav | 0.60 | |
| clamav | clamav | 0.60p | |
| clamav | clamav | 0.65 | |
| clamav | clamav | 0.66 | |
| clamav | clamav | 0.67 | |
| clamav | clamav | 0.67-1 | |
| clamav | clamav | 0.68 | |
| clamav | clamav | 0.68.1 | |
| clamav | clamav | 0.70 | |
| clamav | clamav | 0.70 | |
| clamav | clamav | 0.71 | |
| clamav | clamav | 0.72 | |
| clamav | clamav | 0.73 | |
| clamav | clamav | 0.74 | |
| clamav | clamav | 0.75 | |
| clamav | clamav | 0.75.1 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80 | |
| clamav | clamav | 0.80_rc | |
| clamav | clamav | 0.81 | |
| clamav | clamav | 0.81 | |
| clamav | clamav | 0.82 | |
| clamav | clamav | 0.83 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.84 | |
| clamav | clamav | 0.85 | |
| clamav | clamav | 0.85.1 | |
| clamav | clamav | 0.86 | |
| clamav | clamav | 0.86 | |
| clamav | clamav | 0.86.1 | |
| clamav | clamav | 0.86.2 | |
| clamav | clamav | 0.87 | |
| clamav | clamav | 0.87.1 | |
| clamav | clamav | 0.88 | |
| clamav | clamav | 0.88.1 | |
| clamav | clamav | 0.88.2 | |
| clamav | clamav | 0.88.3 | |
| clamav | clamav | 0.88.4 | |
| clamav | clamav | 0.88.5 | |
| clamav | clamav | 0.88.6 | |
| clamav | clamav | 0.88.7 | |
| clamav | clamav | 0.88.7_p0 | |
| clamav | clamav | 0.88.7_p1 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90 | |
| clamav | clamav | 0.90.1 | |
| clamav | clamav | 0.90.1_p0 | |
| clamav | clamav | 0.90.2 | |
| clamav | clamav | 0.90.2_p0 | |
| clamav | clamav | 0.90.3 | |
| clamav | clamav | 0.90.3_p0 | |
| clamav | clamav | 0.90.3_p1 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91 | |
| clamav | clamav | 0.91.1 | |
| clamav | clamav | 0.91.2 | |
| clamav | clamav | 0.91.2_p0 | |
| clamav | clamav | 0.92 | |
| clamav | clamav | 0.92.1 | |
| clamav | clamav | 0.92_p0 | |
| clamav | clamav | 0.93 | |
| clamav | clamav | 0.93.1 | |
| clamav | clamav | 0.93.2 | |
| clamav | clamav | 0.93.3 | |
| clamav | clamav | 0.94 | |
| clamav | clamav | 0.94.1 | |
| clamav | clamav | 0.94.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB90B433-1628-4D60-A48B-FBA140542E0A",
"versionEndIncluding": "0.94.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "68EC0AEB-91CF-4A79-AF40-A475E896FB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5935EDE0-9203-4150-9B7A-AB10B377F9F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2680C-C187-487A-B6C4-F509E0C52436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A796E5E1-6481-49EF-8D97-9EC2A01C712B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "03FF3AE5-5BD9-43B4-9FB0-6BED8450C9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "812B11BD-344F-40DC-9996-0CBB4BB143B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E951B4D-F244-43A4-9593-B8B975D16C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "22958219-46D6-4868-B324-BFC2F2C893F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4543DDEE-C1D1-428F-91C7-98B8985A5931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED760C-7106-49CE-B4FE-CA53A1092C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "821EF522-A058-4509-A4CB-E9B800E83EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*",
"matchCriteriaId": "CABA4177-6B24-4364-BC34-D5ED171E60FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F488ACB2-A013-4BF3-B5AC-897E40BA87F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5799FA-DD99-4A35-BC56-B2FBEB747226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F32EA99F-088E-499E-9DCE-EFA9A64D1673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B04C5B-316D-4C6A-96CF-F145F7C9E636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E66D5CDE-ED5D-41BA-A4B1-28E8559EC056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "20769174-C51F-47D5-A34F-EB772F542A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "721B8B46-DFD9-4937-96A3-8D731304415B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF18A59-FB30-45C6-B28E-4499DCD78F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0B28E0BE-1E2D-45D2-B483-2D81326BF482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E7029650-6DF1-4616-BE9F-DE40E9BBE3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "F47FD5DF-F22E-4B78-9B92-A9C41950F836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F9571F-9192-414F-B680-10A22C71CFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CAC876-9AAC-407C-A34E-98AA6801D25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "470FC8FE-785A-4934-8989-D17C1796870E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6C0FE-2EED-447D-9F62-12CFF1E0918A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*",
"matchCriteriaId": "0928E05F-92E7-4451-AC11-4E6A014E1154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E7A70A-3584-4259-80CA-03AE290ABAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24AF81C1-5B68-4D84-AFB9-C0419B7F98D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "D27D70A0-EC82-4DC7-A66D-60D263B76E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*",
"matchCriteriaId": "28C9C5AD-97A9-42C8-917C-2787785F5BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB3389-1C30-47BB-9DAE-0F744E7F8877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4D3D3E-067B-4A37-A851-99D2A3E20FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA837A0-C8CB-486B-845E-A370E3137697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "235A144A-4AB1-4756-AFB1-58AFFE02649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "767BBE7F-6CC4-42D4-9730-6E617D36AAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7CD6A-133F-48E4-87BC-77CF21A25940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "F65A7930-A913-4C3D-95A3-E629D6A468C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*",
"matchCriteriaId": "05D1FAF4-B4F8-446F-88C3-01289C01DB8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*",
"matchCriteriaId": "342A854F-0942-4A3E-AF08-BD41D8F453DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4DA6E00-8126-4B62-9E7F-1E3BFC827BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BB0958CD-187F-4DD0-A31B-5002861F6326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*",
"matchCriteriaId": "9C24942D-7AD6-4391-8F05-2827AB6A751E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*",
"matchCriteriaId": "BABA6024-1769-44D9-BF20-215602980A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "DA719FE4-04E0-4664-8EEC-70CD613408DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F7364D6-36F6-4615-95F0-E0B56722DAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "C859F864-B68F-4805-B804-E50F2C3FFE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CAFEA5-C062-43EA-A302-38887DA6768C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "525DC218-308C-4A0E-96A7-DC74B8973B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A4969C16-F67D-4C30-A537-FE64F4CFC3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B0D72B20-1F61-4499-9ADE-88AF98C3C19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "72C71B82-8F84-4855-A138-7E7436788D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*",
"matchCriteriaId": "039341D8-8E2B-4901-BFA6-9CCC46A18C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C048A75E-6587-485C-9F2B-E12BED34FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97DAD83E-F14F-4B87-B5D8-7BCAD8F446BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC4D448-DDCD-4C0B-AA84-2D054FCF718C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B003639-3228-4AC1-AB46-73481BB5DDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6A495D-F9BB-41B9-A912-670D837EA278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45F5E6B4-88DD-4426-9FB6-D9009F6B8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1EB857-D417-49EB-89FD-04733C872EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9D09D6-3EFD-45A6-88C3-199BF3EF9A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4551D5ED-6C72-4C9B-A556-491042A6113A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01859947-09D4-417E-92A4-FA4F1625C60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*",
"matchCriteriaId": "797B7A3B-BAEA-4868-BC3E-CE629FE151F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30337B76-E552-431F-B49C-A418E5B851A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53027413-3353-4051-88FA-A46859AD747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*",
"matchCriteriaId": "970D5900-7F83-4140-A3E4-FF4E710DBD2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0D4F76-258B-4E5D-AA4D-8231E846C76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A669CC-C10F-4E74-ACD0-DF933D723EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDAFCF3-811C-4365-8BBA-E0BB4F67AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B5180162-81FA-4605-B5B6-E01B312341EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*",
"matchCriteriaId": "A9915D81-4A7C-4B22-86F7-369CF68A0F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F2E0386-6A8E-4416-A4C6-139EB2CAD57D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "613E8544-7B2B-4FC5-AC60-190EC2D8025A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13E8E7E7-E29A-4539-8D8C-45B9C39B0146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A966F2C4-47A0-445F-8927-0F0222A48FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7681419E-5125-40D6-BE61-57CE9C8F3DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE0D056-B84F-4331-832C-5D1703A15A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96A13543-D7E2-41D6-8E8E-BE150ECDAA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "27310591-C883-4929-824A-AE99E7592D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2964A047-0277-4DA4-BDBE-3F5FC3C1F68E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "E891471A-A0B8-4251-A6D3-60E947A18F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A3340E5-36AF-4BFC-B6E8-13213EA6969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0D520BB1-7863-42B2-88D7-23C543A8F13C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6A5E0-66E0-4EA7-9007-2389179500C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED827D10-C862-4BC7-AB33-06E040DAE161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "51DC9827-D7D1-4D34-AA35-6A7BDB92907D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "37A3B776-0096-41B7-8D2E-C6F0B4F37458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5AAC04C-FFC7-45D8-A29C-6B258CD56489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06278C4-328D-4D14-9BC1-DCA697EC9EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66094D-050A-405E-AB0F-239A39F64E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF14BCBC-8B3C-4F70-93E8-ADB5C992ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B931BDB2-DBE4-4983-ABFB-86941CDD14F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA4A86-C015-4F1F-B565-89410E70D053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "F874453A-7F9C-4FF2-ACBD-F691FBF3B4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0722860E-934A-49CA-BEAD-0EB05AA6E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*",
"matchCriteriaId": "96F399F4-E7C0-4AD0-AA4F-C7C7FC2C466E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
},
{
"lang": "es",
"value": "El desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versi\u00f3n 0.98.5, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo y0da Crypter PE dise\u00f1ado."
}
],
"id": "CVE-2014-9050",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-01T15:59:10.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62542"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
OPENSUSE-SU-2025:14683-1
Vulnerability from csaf_opensuse - Published: 2025-01-23 00:00 - Updated: 2025-01-23 00:00Summary
clamav-1.4.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: clamav-1.4.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the clamav-1.4.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14683
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "clamav-1.4.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the clamav-1.4.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14683",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14683-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9050 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14679 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-20128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-20128/"
}
],
"title": "clamav-1.4.2-1.1 on GA media",
"tracking": {
"current_release_date": "2025-01-23T00:00:00Z",
"generator": {
"date": "2025-01-23T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14683-1",
"initial_release_date": "2025-01-23T00:00:00Z",
"revision_history": [
{
"date": "2025-01-23T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.4.2-1.1.aarch64",
"product": {
"name": "clamav-1.4.2-1.1.aarch64",
"product_id": "clamav-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.4.2-1.1.aarch64",
"product": {
"name": "clamav-devel-1.4.2-1.1.aarch64",
"product_id": "clamav-devel-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "clamav-docs-html-1.4.2-1.1.aarch64",
"product": {
"name": "clamav-docs-html-1.4.2-1.1.aarch64",
"product_id": "clamav-docs-html-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.4.2-1.1.aarch64",
"product": {
"name": "clamav-milter-1.4.2-1.1.aarch64",
"product_id": "clamav-milter-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libclamav12-1.4.2-1.1.aarch64",
"product": {
"name": "libclamav12-1.4.2-1.1.aarch64",
"product_id": "libclamav12-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.4.2-1.1.aarch64",
"product": {
"name": "libclammspack0-1.4.2-1.1.aarch64",
"product_id": "libclammspack0-1.4.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreshclam3-1.4.2-1.1.aarch64",
"product": {
"name": "libfreshclam3-1.4.2-1.1.aarch64",
"product_id": "libfreshclam3-1.4.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.4.2-1.1.ppc64le",
"product": {
"name": "clamav-1.4.2-1.1.ppc64le",
"product_id": "clamav-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.4.2-1.1.ppc64le",
"product": {
"name": "clamav-devel-1.4.2-1.1.ppc64le",
"product_id": "clamav-devel-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "clamav-docs-html-1.4.2-1.1.ppc64le",
"product": {
"name": "clamav-docs-html-1.4.2-1.1.ppc64le",
"product_id": "clamav-docs-html-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.4.2-1.1.ppc64le",
"product": {
"name": "clamav-milter-1.4.2-1.1.ppc64le",
"product_id": "clamav-milter-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libclamav12-1.4.2-1.1.ppc64le",
"product": {
"name": "libclamav12-1.4.2-1.1.ppc64le",
"product_id": "libclamav12-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.4.2-1.1.ppc64le",
"product": {
"name": "libclammspack0-1.4.2-1.1.ppc64le",
"product_id": "libclammspack0-1.4.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreshclam3-1.4.2-1.1.ppc64le",
"product": {
"name": "libfreshclam3-1.4.2-1.1.ppc64le",
"product_id": "libfreshclam3-1.4.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.4.2-1.1.s390x",
"product": {
"name": "clamav-1.4.2-1.1.s390x",
"product_id": "clamav-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.4.2-1.1.s390x",
"product": {
"name": "clamav-devel-1.4.2-1.1.s390x",
"product_id": "clamav-devel-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-docs-html-1.4.2-1.1.s390x",
"product": {
"name": "clamav-docs-html-1.4.2-1.1.s390x",
"product_id": "clamav-docs-html-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.4.2-1.1.s390x",
"product": {
"name": "clamav-milter-1.4.2-1.1.s390x",
"product_id": "clamav-milter-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libclamav12-1.4.2-1.1.s390x",
"product": {
"name": "libclamav12-1.4.2-1.1.s390x",
"product_id": "libclamav12-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.4.2-1.1.s390x",
"product": {
"name": "libclammspack0-1.4.2-1.1.s390x",
"product_id": "libclammspack0-1.4.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreshclam3-1.4.2-1.1.s390x",
"product": {
"name": "libfreshclam3-1.4.2-1.1.s390x",
"product_id": "libfreshclam3-1.4.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.4.2-1.1.x86_64",
"product": {
"name": "clamav-1.4.2-1.1.x86_64",
"product_id": "clamav-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.4.2-1.1.x86_64",
"product": {
"name": "clamav-devel-1.4.2-1.1.x86_64",
"product_id": "clamav-devel-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-docs-html-1.4.2-1.1.x86_64",
"product": {
"name": "clamav-docs-html-1.4.2-1.1.x86_64",
"product_id": "clamav-docs-html-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.4.2-1.1.x86_64",
"product": {
"name": "clamav-milter-1.4.2-1.1.x86_64",
"product_id": "clamav-milter-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libclamav12-1.4.2-1.1.x86_64",
"product": {
"name": "libclamav12-1.4.2-1.1.x86_64",
"product_id": "libclamav12-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.4.2-1.1.x86_64",
"product": {
"name": "libclammspack0-1.4.2-1.1.x86_64",
"product_id": "libclammspack0-1.4.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreshclam3-1.4.2-1.1.x86_64",
"product": {
"name": "libfreshclam3-1.4.2-1.1.x86_64",
"product_id": "libfreshclam3-1.4.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64"
},
"product_reference": "clamav-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le"
},
"product_reference": "clamav-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x"
},
"product_reference": "clamav-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64"
},
"product_reference": "clamav-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64"
},
"product_reference": "clamav-devel-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le"
},
"product_reference": "clamav-devel-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x"
},
"product_reference": "clamav-devel-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64"
},
"product_reference": "clamav-devel-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-docs-html-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64"
},
"product_reference": "clamav-docs-html-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-docs-html-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le"
},
"product_reference": "clamav-docs-html-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-docs-html-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x"
},
"product_reference": "clamav-docs-html-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-docs-html-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64"
},
"product_reference": "clamav-docs-html-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64"
},
"product_reference": "clamav-milter-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le"
},
"product_reference": "clamav-milter-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x"
},
"product_reference": "clamav-milter-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64"
},
"product_reference": "clamav-milter-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64"
},
"product_reference": "libclamav12-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le"
},
"product_reference": "libclamav12-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x"
},
"product_reference": "libclamav12-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64"
},
"product_reference": "libclamav12-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64"
},
"product_reference": "libclammspack0-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le"
},
"product_reference": "libclammspack0-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x"
},
"product_reference": "libclammspack0-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64"
},
"product_reference": "libclammspack0-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam3-1.4.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64"
},
"product_reference": "libfreshclam3-1.4.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam3-1.4.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le"
},
"product_reference": "libfreshclam3-1.4.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam3-1.4.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x"
},
"product_reference": "libfreshclam3-1.4.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam3-1.4.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
},
"product_reference": "libfreshclam3-1.4.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9050"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9050",
"url": "https://www.suse.com/security/cve/CVE-2014-9050"
},
{
"category": "external",
"summary": "SUSE Bug 1040662 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/1040662"
},
{
"category": "external",
"summary": "SUSE Bug 906770 for CVE-2014-9050",
"url": "https://bugzilla.suse.com/906770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-23T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-9050"
},
{
"cve": "CVE-2018-14679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14679"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14679",
"url": "https://www.suse.com/security/cve/CVE-2018-14679"
},
{
"category": "external",
"summary": "SUSE Bug 1102922 for CVE-2018-14679",
"url": "https://bugzilla.suse.com/1102922"
},
{
"category": "external",
"summary": "SUSE Bug 1103032 for CVE-2018-14679",
"url": "https://bugzilla.suse.com/1103032"
},
{
"category": "external",
"summary": "SUSE Bug 1103040 for CVE-2018-14679",
"url": "https://bugzilla.suse.com/1103040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-23T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14679"
},
{
"cve": "CVE-2025-20128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-20128"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r\nFor a description of this vulnerability, see the .\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-20128",
"url": "https://www.suse.com/security/cve/CVE-2025-20128"
},
{
"category": "external",
"summary": "SUSE Bug 1236307 for CVE-2025-20128",
"url": "https://bugzilla.suse.com/1236307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:clamav-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-devel-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-docs-html-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:clamav-milter-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclamav12-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libclammspack0-1.4.2-1.1.x86_64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.aarch64",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.ppc64le",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.s390x",
"openSUSE Tumbleweed:libfreshclam3-1.4.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-23T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-20128"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…