var-202001-0770
Vulnerability from variot
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. ========================================================================= Ubuntu Security Notice USN-4230-2 January 23, 2020
clamav vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
ClamAV could be made to crash if it opened a specially crafted file.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled certain MIME messages.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1
Ubuntu 12.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.12.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4230-2 https://usn.ubuntu.com/4230-1 CVE-2019-15961 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-46
https://security.gentoo.org/
Severity: Low Title: ClamAV: Multiple vulnerabilities Date: March 19, 2020 Bugs: #702010, #708424 ID: 202003-46
Synopsis
Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition.
Background
ClamAV is a GPL virus scanner.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-antivirus/clamav < 0.102.2 >= 0.102.2
Description
Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.102.2"
References
[ 1 ] CVE-2019-15961 https://nvd.nist.gov/vuln/detail/CVE-2019-15961 [ 2 ] CVE-2020-3123 https://nvd.nist.gov/vuln/detail/CVE-2020-3123
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-46
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0770",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "clamav",
"scope": "lte",
"trust": 1.8,
"vendor": "clamav",
"version": "0.101.4"
},
{
"model": "clamav",
"scope": "eq",
"trust": 1.8,
"vendor": "clamav",
"version": "0.102.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1.1-042"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1.2-023"
},
{
"model": "e email security appliance",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:clamav:clamav",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:email_security_appliance_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,Tomasz Kojm,Gentoo",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.6
},
"cve": "CVE-2019-15961",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-15961",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-148060",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-15961",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15961",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-15961",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15961",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2019-15961",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-15961",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1262",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-148060",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-15961",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. =========================================================================\nUbuntu Security Notice USN-4230-2\nJanuary 23, 2020\n\nclamav vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nClamAV could be made to crash if it opened a specially crafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4230-1 fixed a vulnerability in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled certain MIME messages. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n clamav 0.102.1+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://usn.ubuntu.com/4230-2\n https://usn.ubuntu.com/4230-1\n CVE-2019-15961\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202003-46\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: ClamAV: Multiple vulnerabilities\n Date: March 19, 2020\n Bugs: #702010, #708424\n ID: 202003-46\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in ClamAV, the worst of which\ncould result in a Denial of Service condition. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-antivirus/clamav \u003c 0.102.2 \u003e= 0.102.2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.102.2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2019-15961\n https://nvd.nist.gov/vuln/detail/CVE-2019-15961\n[ 2 ] CVE-2020-3123\n https://nvd.nist.gov/vuln/detail/CVE-2020-3123\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-46\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15961",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "155883",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156831",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "156073",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0552",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4350",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4540",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0071.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0071",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4412",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4568",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155421",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-148060",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-15961",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"id": "VAR-202001-0770",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
}
],
"trust": 0.53892258
},
"last_update_date": "2024-11-23T21:26:27.091000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bug 12380",
"trust": 0.8,
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"title": "Cisco Bug: CSCvr56010 - Opened to track: ClamAV for Cisco Email Security Appliance (ESA) Denial of Service Vulnerability",
"trust": 0.8,
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
},
{
"title": "Clam AntiVirus Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108207"
},
{
"title": "Ubuntu Security Notice: clamav vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4230-1"
},
{
"title": "Ubuntu Security Notice: clamav vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4230-2"
},
{
"title": "Debian CVElist Bug Report Logs: new upstream version 0.102.1 to fix CVE-2019-15961",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8d35b8b88a91d7df7c4a2aec03a4e3d1"
},
{
"title": "Amazon Linux AMI: ALAS-2020-1335",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2020-1335"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2019-15961 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.9
},
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://usn.ubuntu.com/4230-2/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/202003-46"
},
{
"trust": 1.8,
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
},
{
"trust": 1.8,
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/cscvr56010"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15961"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15961"
},
{
"trust": 0.7,
"url": "https://usn.ubuntu.com/4230-1/"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193177-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193176-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914236-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155421/clam-antivirus-toolkit-0.102.1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155883/ubuntu-security-notice-usn-4230-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0071/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4568/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0071.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0552/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/clamav-denial-of-service-via-mime-messages-parsing-30920"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156831/gentoo-linux-security-advisory-202003-46.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156073/ubuntu-security-notice-usn-4230-2.html"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4230-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110968"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4230-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3123"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.16.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.18.04.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.10.2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-148060"
},
{
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "156831"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-148060"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"date": "2020-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"date": "2020-01-23T19:19:09",
"db": "PACKETSTORM",
"id": "156073"
},
{
"date": "2020-03-19T22:01:09",
"db": "PACKETSTORM",
"id": "156831"
},
{
"date": "2020-01-08T16:53:54",
"db": "PACKETSTORM",
"id": "155883"
},
{
"date": "2019-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"date": "2020-01-15T19:15:13.317000",
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-19T00:00:00",
"db": "VULHUB",
"id": "VHN-148060"
},
{
"date": "2022-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2019-15961"
},
{
"date": "2020-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014125"
},
{
"date": "2020-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1262"
},
{
"date": "2024-11-21T04:29:49.740000",
"db": "NVD",
"id": "CVE-2019-15961"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "156073"
},
{
"db": "PACKETSTORM",
"id": "155883"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clam AntiVirus software Vulnerabilities related to resource exhaustion",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014125"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1262"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.