CVE-2016-1405 (GCVE-0-2016-1405)

Vulnerability from cvelistv5

Published

2016-06-08 14:00

Modified

2024-08-05 22:55

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CERTFR-2016-AVI-187

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Evolved Programmable Network Manager versions antérieures à 1.2.4
Cisco	N/A	Cisco Firepower Management Center versions 5.4.x et 6.0.0.1
Cisco	N/A	Cisco UCS Invicta appliances et Cisco UCS Invicta Scaling System exécutant Cisco UCS Invicta versions 4.3, 4.5, ou 5.0.1
Cisco	N/A	Cisco Web Security Appliance (WSA) versions antérieures à 9.0.1-135
Cisco	N/A	Cisco Prime Network Analysis Module (NAM) versions antérieures à 6.2(1-b)
Cisco	N/A	Cisco Web Security Appliance (WSA) versions 9.1.x antérieures à 9.1.1-041
Cisco	N/A	Cisco Prime Infrastructure versions antérieures à 3.1
Cisco	N/A	Cisco Email Security Appliance (ESA) versions antérieures à 9.7.0-125

References

Title

Publication Time

fkie_cve-2016-1405

Vulnerability from fkie_nvd

Published

2016-06-08 14:59

Modified

2025-04-12 10:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/90968
psirt@cisco.com	http://www.securitytracker.com/id/1035993
psirt@cisco.com	http://www.securitytracker.com/id/1035994
psirt@cisco.com	http://www.ubuntu.com/usn/USN-3093-1
psirt@cisco.com	https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/90968
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035993
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035994
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3093-1
af854a3a-2127-422b-91ae-364da2661108	https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog

Impacted products

Vendor	Product	Version
clamav	clamav	*
cisco	email_security_appliance	9.6.0-042
cisco	web_security_appliance	8.8.0-085
cisco	web_security_appliance	9.1.0-070
cisco	web_security_appliance	9.5.0-284

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A4628C3-55C5-4B29-9B9F-7034B0670C76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED373FBD-1BB7-4532-946F-9DA2DF33A8D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F98FEDA-89EF-40BA-BBD3-3EBD6DD33EE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*",
              "matchCriteriaId": "8782B7BC-03C5-4866-9807-14EF9A818EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA50ED3-74F8-4B13-BFA9-97EA6B43C701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
    },
    {
      "lang": "es",
      "value": "libclamav en ClamAV (tambi\u00e9n conocida como Clam AntiVirus), tal como se utiliza en Advanced Malware Protection (AMP) en dispositivos Cisco Email Security Appliance (ESA) en versiones anteriores a 9.7.0-125 y dispositivos Web Security Appliance (WSA) en versiones anteriores a 9.0.1-135 y 9.1.x en versiones anteriores a 9.1.1-041, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del proceso AMP) a trav\u00e9s de un documento manipulado, tambi\u00e9n conocido como Bug IDs CSCuv78533 y CSCuw60503."
    }
  ],
  "id": "CVE-2016-1405",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-08T14:59:12.827",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/90968"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1035993"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1035994"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.ubuntu.com/usn/USN-3093-1"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/90968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3093-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cnvd-2016-03748

Vulnerability from cnvd

Title

Cisco ESA/WSA AMP ClamAV拒绝服务漏洞

Description

Cisco Email Security Appliance是电子邮件安全防护解决方案。 Cisco ESA及WSA AMP ClamAV存在安全漏洞，源于libclamav库未能正确解析输入文件。攻击者可发送构造的文档，触发AMP ClamAV库扫描，造成AMP进程重启，导致拒绝服务。

Severity

中

Patch Name

Cisco ESA/WSA AMP ClamAV拒绝服务漏洞的补丁

Patch Description

Cisco Email Security Appliance是电子邮件安全防护解决方案。 Cisco ESA及WSA AMP ClamAV存在安全漏洞，源于libclamav库未能正确解析输入文件。攻击者可发送构造的文档，触发AMP ClamAV库扫描，造成AMP进程重启，导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Cisco已经为此发布了一个安全公告（cisco-sa-20160531-wsa-esa）以及相应补丁: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa

Impacted products

Name
['Cisco Email Security Appliance (ESA)', 'Cisco Clam AntiVirus (ClamAV)', 'Cisco Web Security Appliance (WSA)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1405"
    }
  },
  "description": "Cisco Email Security Appliance\u662f\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u9632\u62a4\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco ESA\u53caWSA AMP ClamAV\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6e90\u4e8elibclamav\u5e93\u672a\u80fd\u6b63\u786e\u89e3\u6790\u8f93\u5165\u6587\u4ef6\u3002\u653b\u51fb\u8005\u53ef\u53d1\u9001\u6784\u9020\u7684\u6587\u6863\uff0c\u89e6\u53d1AMP ClamAV\u5e93\u626b\u63cf\uff0c\u9020\u6210AMP\u8fdb\u7a0b\u91cd\u542f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20160531-wsa-esa\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-03748",
  "openTime": "2016-06-02",
  "patchDescription": "Cisco Email Security Appliance\u662f\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u9632\u62a4\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco ESA\u53caWSA AMP ClamAV\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6e90\u4e8elibclamav\u5e93\u672a\u80fd\u6b63\u786e\u89e3\u6790\u8f93\u5165\u6587\u4ef6\u3002\u653b\u51fb\u8005\u53ef\u53d1\u9001\u6784\u9020\u7684\u6587\u6863\uff0c\u89e6\u53d1AMP ClamAV\u5e93\u626b\u63cf\uff0c\u9020\u6210AMP\u8fdb\u7a0b\u91cd\u542f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco ESA/WSA AMP ClamAV\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Email Security Appliance (ESA)",
      "Cisco Clam AntiVirus (ClamAV)",
      "Cisco Web Security Appliance (WSA)"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa",
  "serverity": "\u4e2d",
  "submitTime": "2016-06-01",
  "title": "Cisco ESA/WSA AMP ClamAV\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

var-201606-0327

Vulnerability from variot

libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. This issue is fixed in: Cisco ClamAV 0.99 Cisco Email Security Appliance 9.7.0-125 Cisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. =========================================================================== Ubuntu Security Notice USN-3093-1 September 28, 2016

clamav vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 16.04 LTS
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary:

ClamAV could be made to crash or run programs if it processed a specially crafted file.

Software Description: - clamav: Anti-virus utility for Unix

Details:

It was discovered that ClamAV incorrectly handled certain malformed files.

In the default installation, attackers would be isolated by the ClamAV AppArmor profile.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS: clamav 0.99.2+dfsg-0ubuntu0.16.04.1

Ubuntu 14.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.14.04.1

Ubuntu 12.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-3093-1 CVE-2016-1371, CVE-2016-1372, CVE-2016-1405

Package Information: https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0327",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "clamav",
        "scope": null,
        "trust": 1.4,
        "vendor": "clamav",
        "version": null
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "8.8.0-085"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "9.6.0-042"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "9.1.0-070"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "9.5.0-284"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "clamav",
        "version": "*"
      },
      {
        "model": "web security the appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.x"
      },
      {
        "model": "web security the appliance",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.1-041"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "16.04"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "14.04"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.2"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.8"
      },
      {
        "model": "web security appliance 8.7.0-171-ld",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.6"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.3-051"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.2-004"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.1-021"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.0.000"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.0-497"
      },
      {
        "model": "web security appliance hot patch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.51"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1.0-235"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.8-113"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7-151"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7-142"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-115"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-078"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-073"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-757"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-725"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-602"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-550"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1-201"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.0-838"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4-101"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3-013"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6.0-051"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6.0-046"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.5.0-201"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.1-023"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.0-032"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0.0-461"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.7-043"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.7-042"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-074"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-073"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-106"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.1-023"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.8"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.3-019"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.5-106"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3.1-09"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.7"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.5"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.4"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.97.8"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.6"
      },
      {
        "model": "web security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.1-041"
      },
      {
        "model": "web security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0.1-135"
      },
      {
        "model": "email security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.7.0-125"
      },
      {
        "model": "clamav",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.99"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:clamav:clamav",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:email_security_appliance",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:web_security_appliance",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "90968"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1405",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-1405",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-90224",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-1405",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-1405",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-1405",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201605-717",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90224",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. \nThis issue is fixed in:\nCisco ClamAV 0.99\nCisco Email Security Appliance 9.7.0-125\nCisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. \n===========================================================================\nUbuntu Security Notice USN-3093-1\nSeptember 28, 2016\n\nclamav vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nClamAV could be made to crash or run programs if it processed a specially\ncrafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nIt was discovered that ClamAV incorrectly handled certain malformed files. \n\nIn the default installation, attackers would be isolated by the ClamAV\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  clamav                          0.99.2+dfsg-0ubuntu0.16.04.1\n\nUbuntu 14.04 LTS:\n  clamav                          0.99.2+addedllvm-0ubuntu0.14.04.1\n\nUbuntu 12.04 LTS:\n  clamav                          0.99.2+addedllvm-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-3093-1\n  CVE-2016-1371, CVE-2016-1372, CVE-2016-1405\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1405",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "90968",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1035994",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1035993",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2016.1376",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-90224",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138895",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "id": "VAR-201606-0327",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      }
    ],
    "trust": 0.54899413
  },
  "last_update_date": "2024-11-23T22:26:55.526000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160531-wsa-esa",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
      },
      {
        "title": "ChangeLog",
        "trust": 0.8,
        "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
      },
      {
        "title": "Cisco Advance Malware Protection for Email Security Appliance  and Web Security Appliance Clam AntiVirus Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62025"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160531-wsa-esa"
      },
      {
        "trust": 1.7,
        "url": "https://github.com/vrtadmin/clamav-devel/blob/master/changelog"
      },
      {
        "trust": 1.2,
        "url": "http://www.ubuntu.com/usn/usn-3093-1"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/90968"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1035993"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1035994"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1405"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1405"
      },
      {
        "trust": 0.6,
        "url": "http://www.auscert.org.au/./render.html?it=35274"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1371"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1372"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1405"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "date": "2016-05-31T00:00:00",
        "db": "BID",
        "id": "90968"
      },
      {
        "date": "2016-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "date": "2016-09-29T04:25:18",
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "date": "2016-05-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "date": "2016-06-08T14:59:12.827000",
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "date": "2016-10-03T09:01:00",
        "db": "BID",
        "id": "90968"
      },
      {
        "date": "2016-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "date": "2016-06-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "date": "2024-11-21T02:46:22.860000",
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco E Email Security Appliance and  Web Security Used by appliance devices  ClamAV Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ],
    "trust": 0.6
  }
}

gsd-2016-1405

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-1405

Aliases

CVE-2016-1405

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1405",
    "description": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.",
    "id": "GSD-2016-1405",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-1405.html",
      "https://ubuntu.com/security/CVE-2016-1405",
      "https://advisories.mageia.org/CVE-2016-1405.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1405"
      ],
      "details": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.",
      "id": "GSD-2016-1405",
      "modified": "2023-12-13T01:21:24.730057Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-1405",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "90968",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/90968"
          },
          {
            "name": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog",
            "refsource": "MISC",
            "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
          },
          {
            "name": "USN-3093-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3093-1"
          },
          {
            "name": "1035993",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1035993"
          },
          {
            "name": "20160531 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
          },
          {
            "name": "1035994",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1035994"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1405"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160531 Cisco ESA and WSA AMP ClamAV Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
            },
            {
              "name": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog",
              "refsource": "MISC",
              "tags": [],
              "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
            },
            {
              "name": "1035993",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1035993"
            },
            {
              "name": "1035994",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1035994"
            },
            {
              "name": "USN-3093-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3093-1"
            },
            {
              "name": "90968",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/90968"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-11-28T19:58Z",
      "publishedDate": "2016-06-08T14:59Z"
    }
  }
}

ghsa-p4qj-763m-ffg3

Vulnerability from github

Published

2022-05-17 03:43

Modified

2022-05-17 03:43

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-06-08T14:59:00Z",
    "severity": "HIGH"
  },
  "details": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.",
  "id": "GHSA-p4qj-763m-ffg3",
  "modified": "2022-05-17T03:43:05Z",
  "published": "2022-05-17T03:43:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1405"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/90968"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1035993"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1035994"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3093-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-1405 (GCVE-0-2016-1405)

Vulnerability from cvelistv5

CERTFR-2016-AVI-187

Vulnerability from certfr_avis

Solution

fkie_cve-2016-1405

Vulnerability from fkie_nvd

cnvd-2016-03748

Vulnerability from cnvd

var-201606-0327

Vulnerability from variot

clamav vulnerabilities

gsd-2016-1405

Vulnerability from gsd

ghsa-p4qj-763m-ffg3

Vulnerability from github

Tags

Sightings

Nomenclature