clamav

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Anti-virus toolkit for Unix
Version 0.99.3-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-602 0.99.3-1 Critical Vulnerable
Issue Group Severity Remote Type Description
CVE-2017-6419 AVG-602 Critical Yes Arbitrary code execution
mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.3, allows remote attackers to cause a denial of service (heap-based buffer overflow and...
CVE-2017-11423 AVG-602 Medium Yes Denial of service
The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV before 0.99.3  and other products, allows remote attackers to cause...
CVE-2012-6706 AVG-602 Critical Yes Arbitrary code execution
A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products,...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-601 0.99.2-1 0.99.3-1 Critical Fixed FS#57233
Issue Group Severity Remote Type Description
CVE-2017-6420 AVG-601 Medium Yes Denial of service
The wwunpack function in libclamav/wwunpack.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE...
CVE-2017-6418 AVG-601 Medium Yes Denial of service
libclamav/message.c in ClamAV before 0.99.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
CVE-2017-12380 AVG-601 Medium Yes Denial of service
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12379 AVG-601 Critical Yes Arbitrary code execution
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12378 AVG-601 Medium Yes Denial of service
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12377 AVG-601 Critical Yes Arbitrary code execution
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12376 AVG-601 Critical Yes Arbitrary code execution
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12375 AVG-601 Medium Yes Denial of service
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...
CVE-2017-12374 AVG-601 Medium Yes Denial of service
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of...

Advisories

Date Advisory Group Severity Description
09 Feb 2018 ASA-201802-1 AVG-601 Critical multiple issues