VuXML ID | Description |
91ce95d5-cd15-4105-b942-af5ccc7144c1 | clamav -- multiple vulnerabilities
Micah Snyder reports:
CVE-2020-3327: Fixed a vulnerability in the ARJ archive-parsing module
in ClamAV 0.102.2 that could cause a denial-of-service condition.
Improper bounds checking of an unsigned variable results in an
out-of-bounds read which causes a crash. Special thanks to Daehui Chang
and Fady Othman for helping identify the ARJ parsing vulnerability.
CVE-2020-3341: Fixed a vulnerability in the PDF-parsing module in ClamAV
0.101 - 0.102.2 that could cause a denial-of-service condition. Improper
size checking of a buffer used to initialize AES decryption routines
results in an out-of-bounds read, which may cause a crash. OSS-Fuzz
discovered this vulnerability.
Discovery 2020-05-12 Entry 2020-05-14 clamav
< 0.102.3,1
https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html
CVE-2020-3327
CVE-2020-3341
|
84ce26c3-5769-11e9-abd6-001b217b3468 | clamav -- multiple vulnerabilities
Clamav reports:
An out-of-bounds heap read condition may occur when scanning PDF documents
An out-of-bounds heap read condition may occur when scanning PE files
An out-of-bounds heap write condition may occur when scanning OLE2 files
An out-of-bounds heap read condition may occur when scanning malformed PDF documents
A path-traversal write condition may occur as a result of improper input validation when scanning RAR archives
A use-after-free condition may occur as a result of improper error handling when scanning nested RAR archives
Discovery 2019-03-29 Entry 2019-04-05 clamav
< 0.101.2,1
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1787
CVE-2019-1789
CVE-2019-1788
CVE-2019-1786
CVE-2019-1785
CVE-2019-1798
|
d1e9d8c5-839b-11e8-9610-9c5c8e75236a | clamav -- multiple vulnerabilities
Joel Esler reports:
3 security fixes in this release:
- CVE-2017-16932: Vulnerability in libxml2 dependency (affects ClamAV on Windows only).
- CVE-2018-0360: HWP integer overflow, infinite loop vulnerability. Reported by Secunia Research at Flexera.
- CVE-2018-0361: ClamAV PDF object length check, unreasonably long time to parse relatively small file. Reported by aCaB.
Discovery 2018-07-09 Entry 2018-07-09 clamav
< 0.100.1
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
CVE-2017-16932
CVE-2018-0360
CVE-2018-0361
|
eb12ebee-b7af-11e1-b5e0-000c299b62e1 | clamav -- multiple vulnerabilities
MITRE Advisories report:
The TAR parser allows remote attackers to bypass malware detection
via a POSIX TAR file with an initial [aliases] character sequence.
The TAR parser allows remote attackers to bypass malware detection
via a TAR archive entry with a length field that exceeds the total
TAR file size.
The Microsoft CHM file parser allows remote attackers to bypass
malware detection via a crafted reset interval in the LZXC header
of a CHM file.
The TAR file parser allows remote attackers to bypass malware
detection via a TAR archive entry with a length field
corresponding to that entire entry, plus part of the header of
the next entry.
Discovery 2012-03-19 Entry 2012-06-16 clamav
< 0.97.5
clamav-devel
< 20120612
CVE-2012-1419
CVE-2012-1457
CVE-2012-1458
CVE-2012-1459
|
f7a02651-c798-11ea-81d6-6805cabe6ebb | clamav -- multiple vulnerabilities
Micah Snyder reports:
- CVE-2020-3350:
Fixed a vulnerability a malicious user could exploit to replace
a scan target's directory with a symlink to another path to trick
clamscan, clamdscan, or clamonacc into removing or moving a different
file (such as a critical system file). The issue would affect users
that use the --move or --remove options for clamscan, clamdscan and
clamonacc.
- CVE-2020-3327:
Fixed a vulnerability in the ARJ archive-parsing module in ClamAV
0.102.3 that could cause a denial-of-service (DoS) condition.
Improper bounds checking resulted in an out-of-bounds read that could
cause a crash. The previous fix for this CVE in version 0.102.3 was
incomplete. This fix correctly resolves the issue.
- CVE-2020-3481:
Fixed a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3
that could cause a denial-of-service (DoS) condition.
Improper error handling could cause a crash due to a NULL pointer
dereference. This vulnerability is mitigated for those using the
official ClamAV signature databases because the file type signatures
in daily.cvd will not enable the EGG archive parser in affected
versions.
Discovery 2020-07-16 Entry 2020-07-16 clamav
< 0.102.4,1
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
CVE-2020-3350
CVE-2020-3327
CVE-2020-3481
|
51a59f36-3c58-11ee-b32e-080027f5fec9 | clamav -- Possible denial of service vulnerability in the HFS+ file parser
Steve Smith reports:
There is a possible denial of service vulnerability in the
HFS+ file parser.
Discovery 2023-08-15 Entry 2023-08-16 clamav
< 1.1.1,1
clamav-lts
< 1.0.2,1
CVE-2023-20197
https://blog.clamav.net/2023/07/2023-08-16-releases.html
|
6ade62d9-0f62-11ea-9673-4c72b94353b5 | clamav -- Denial-of-Service (DoS) vulnerability
Micah Snyder reports:
A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email
file as a result of excessively long scan times. The issue is resolved by implementing
several maximums in parsing MIME messages and by optimizing use of memory allocation.
Discovery 2019-09-06 Entry 2019-11-25 clamav
< 0.102.1,1
https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html
CVE-2019-15961
|
fd792048-ad91-11ed-a879-080027f5fec9 | clamav -- Multiple vulnerabilities
Simon Scannell reports:
- CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser.
- CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser.
Discovery 2023-02-15 Entry 2023-02-16 clamav
< 1.0.1,1
clamav-lts
< 0.103.8,1
CVE-2023-20032
CVE-2023-20052
https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html
|
68ae70c5-c5e5-11ee-9768-08002784c58d | clamav -- Multiple vulnerabilities
The ClamAV project reports:
- CVE-2024-20290:
A vulnerability in the OLE2 file format parser of ClamAV
could allow an unauthenticated, remote attacker to cause
a denial of service (DoS) condition on an affected
device. This vulnerability is due to an incorrect check
for end-of-string values during scanning, which may
result in a heap buffer over-read. An attacker could
exploit this vulnerability by submitting a crafted file
containing OLE2 content to be scanned by ClamAV on an
affected device. A successful exploit could allow the
attacker to cause the ClamAV scanning process to
terminate, resulting in a DoS condition on the affected
software and consuming available system resources.
- CVE-2024-20328:
Fixed a possible command injection vulnerability in the
"VirusEvent" feature of ClamAV's ClamD
service. To fix this issue, we disabled the '%f' format
string parameter. ClamD administrators may continue to
use the `CLAM_VIRUSEVENT_FILENAME` environment variable,
instead of '%f'. But you should do so only from within
an executable, such as a Python script, and not directly
in the clamd.conf "VirusEvent" command.
Discovery 2024-02-07 Entry 2024-02-07 clamav
< 1.2.2,1
clamav-lts
< 1.0.5,1
CVE-2024-20290
CVE-2024-20328
https://blog.clamav.net/2023/11/clamav-130-122-105-released.html
|
b6f6da57-680a-11dc-b350-001921ab2fa4 | clamav -- multiple remote Denial of Service vulnerabilities
BugTraq reports:
ClamAV is prone to multiple denial-of-service vulnerabilities.
A successful attack may allow an attacker to crash the
application and deny service to users.
Discovery 2007-08-21 Entry 2007-09-21 clamav
< 0.91.2
25398
CVE-2007-4510
|
2a6106c6-73e5-11ec-8fa2-0800270512f4 | clamav -- invalid pointer read that may cause a crash
Laurent Delosieres reports:
Fix for invalid pointer read that may cause a crash. This issue affects
0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and the
CL_SCAN_GENERAL_COLLECT_METADATA scan option
(the clamscan --gen-json option) is enabled.
Discovery 2022-01-12 Entry 2022-01-12 clamav
< 0.104.2,1
clamav-lts
< 0.103.5,1
CVE-2022-20698
https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html
|
3d0428b2-fdfb-11e4-894f-d050996490d0 | clamav -- multiple vulnerabilities
ClamAV project reports:
ClamAV 0.98.7 is here! This release contains new
scanning features and bug fixes.
Fix infinite loop condition on crafted y0da cryptor file.
Identified and patch suggested by Sebastian Andrzej Siewior.
CVE-2015-2221.
Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
Fix an infinite loop condition on a crafted "xz" archive
file. This was reported by Dimitri Kirchner and Goulven
Guiheux. CVE-2015-2668.
Apply upstream patch for possible heap overflow in Henry
Spencer's regex library. CVE-2015-2305.
Fix crash in upx decoder with crafted file. Discovered and
patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
Discovery 2015-04-29 Entry 2015-05-19 clamav
< 0.98.7
clamav-devel
> 0
CVE-2015-2170
CVE-2015-2221
CVE-2015-2222
CVE-2015-2305
CVE-2015-2668
http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html
|
e7bc2b99-485a-11ea-bff9-9c5c8e75236a | clamav -- Denial-of-Service (DoS) vulnerability
Micah Snyder reports:
A denial-of-service (DoS) condition may occur when using the optional
credit card data-loss-prevention (DLP) feature. Improper bounds checking of
an unsigned variable resulted in an out-of-bounds read, which causes a crash.
Discovery 2020-02-05 Entry 2020-02-05 clamav
< 0.102.2,1
https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html
CVE-2020-3123
|
dbd1f627-c43b-11e9-a923-9c5c8e75236a | clamav -- multiple vulnerabilities
Micah Snyder reports:
- An out of bounds write was possible within ClamAV's NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library (CVE-2019-12900). The issue has been resolved by respecting that limit.
- The zip bomb vulnerability mitigated in 0.101.3 has been assigned the CVE identifier CVE-2019-12625. Unfortunately, a workaround for the zip-bomb mitigation was immediately identified. To remediate the zip-bomb scan time issue, a scan time limit has been introduced in 0.101.4. This limit now resolves ClamAV's vulnerability to CVE-2019-12625.
Discovery 2019-08-21 Entry 2019-08-21 clamav
< 0.101.4,1
clamav-milter
< 0.101.4,1
CVE-2019-12625
https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html
CVE-2019-12900
|
b464f61b-84c7-4e1c-8ad4-6cf9efffd025 | clamav -- multiple vulnerabilities
ClamAV project reports:
Join us as we welcome ClamAV 0.99.3 to the family!
This release is a security release and is recommended for
all ClamAV users.
CVE-2017-12374 ClamAV UAF (use-after-free) Vulnerabilities
CVE-2017-12375 ClamAV Buffer Overflow Vulnerability
CVE-2017-12376 ClamAV Buffer Overflow in handle_pdfname
Vulnerability
CVE-2017-12377 ClamAV Mew Packet Heap Overflow Vulnerability
CVE-2017-12378 ClamAV Buffer Over Read Vulnerability
CVE-2017-12379 ClamAV Buffer Overflow in messageAddArgument
Vulnerability
CVE-2017-12380 ClamAV Null Dereference Vulnerability
Discovery 2018-01-25 Entry 2018-01-26 clamav
< 0.99.3
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
CVE-2017-12374
CVE-2017-12375
CVE-2017-12376
CVE-2017-12377
CVE-2017-12378
CVE-2017-12379
CVE-2017-12380
|
903654bd-1927-11dc-b8a0-02e0185f8d72 | clamav -- multiple vulnerabilities
Clamav had been found vulnerable to multiple vulnerabilities:
- Improper checking for the end of a buffer causing an
unspecified attack vector.
- Insecure temporary file handling, which could be exploited
to read sensitive information.
- A flaw in the parser engine which could allow a remote
attacker to bypass the scanning of RAR files.
- A flaw in libclamav/unrar.c which could cause a remote
Denial of Service (DoS) by sending a specially crafted
RAR file with a modified vm_codesize.
- A flaw in the OLE2 parser which could cause a remote
Denial of Service (DoS).
Discovery 2007-04-18 Entry 2007-06-19 clamav
< 0.90.3
CVE-2007-2650
CVE-2007-3023
CVE-2007-3024
CVE-2007-3122
CVE-2007-3123
http://news.gmane.org/gmane.comp.security.virus.clamav.devel/cutoff=2853
|
8b812395-c739-11e8-ab5b-9c5c8e75236a | clamav -- multiple vulnerabilities
Joel Esler reports:
- CVE-2018-15378:
- Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
- Reported by Secunia Research at Flexera.
- Fix for a 2-byte buffer over-read bug in ClamAV's PDF parsing code.
- CVE-2018-14680:
- An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
- CVE-2018-14681:
- An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
- CVE-2018-14682:
- An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. Additionally, 0.100.2 reverted 0.100.1's patch for CVE-2018-14679, and applied libmspack's version of the fix in its place.
Discovery 2018-10-03 Entry 2018-10-03 Modified 2020-06-24 clamav
< 0.100.2
https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html
CVE-2018-15378
CVE-2018-14680
CVE-2018-14681
CVE-2018-14682
|
589d8053-0b03-11dd-b4ef-00e07dc4ec84 | clamav -- Multiple Vulnerabilities
Secunia reports:
Some vulnerabilities have been reported in ClamAV, which can be
exploited by malicious people to cause a DoS (Denial of Service)
or to compromise a vulnerable system.
1) A boundary error exists within the "cli_scanpe()" function in
libclamav/pe.c. This can be exploited to cause a heap-based buffer
overflow via a specially crafted "Upack" executable.
Successful exploitation allows execution of arbitrary code.
2) A boundary error within the processing of PeSpin packed
executables in libclamav/spin.c can be exploited to cause a
heap-based buffer overflow.
Successful exploitation may allow execution of arbitrary code.
3) An unspecified error in the processing of ARJ files can be
exploited to hang ClamAV.
Discovery 2008-04-15 Entry 2008-04-15 clamav
< 0.93
clamav-devel
< 20080415
CVE-2008-1100
CVE-2008-1387
http://secunia.com/advisories/29000
|
24b64fb0-af1d-11dd-8a16-001b1116b350 | clamav -- off-by-one heap overflow in VBA project parser
Advisory from Moritz Jodeit, November 8th, 2008:
ClamAV contains an off-by-one heap overflow vulnerability
in the code responsible for parsing VBA project files.
Successful exploitation could allow an attacker to execute
arbitrary code with the privileges of the `clamd' process by
sending an email with a prepared attachment.
A VBA project file embedded inside an OLE2 office document
sent as an attachment can trigger the off-by-one.
Entry from Thu Oct 30 13:52:42 CET 2008 (acab) in ChangeLog:
libclamav/vba_extract.c: get_unicode_name off-by-one,
bb#1239 reported by Moritz Jodeit >moritz*jodeit.org<
Discovery 2008-11-08 Entry 2008-11-10 clamav
< 0.94.1
clamav-devel
< 20081105
http://www.securityfocus.com/archive/1/498169/30/0/threaded
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
CVE-2008-5050
|
9ae2c00f-97d0-11eb-8cd6-080027f515ea | clamav -- Multiple vulnerabilities
Micah Snyder reports:
- CVE-2021-1252: Excel XLM parser infinite loop
- CVE-2021-1404: PDF parser buffer over-read; possible crash.
- CVE-2021-1405: Mail parser NULL-dereference crash.
Discovery 2021-04-07 Entry 2021-04-07 clamav
< 0.103.2,1
CVE-2021-1252
CVE-2021-1404
CVE-2021-1405
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
|
b2407db1-d79f-11ec-a15f-589cfc0f81b0 | clamav -- Multiple vulnerabilities
The ClamAV project reports:
Fixed a possible double-free vulnerability in the OLE2 file
parser. Issue affects versions 0.104.0 through 0.104.2. Issue
identified by OSS-Fuzz.
Fixed a possible infinite loop vulnerability in the CHM file
parser. Issue affects versions 0.104.0 through 0.104.2 and LTS
version 0.103.5 and prior versions. Thank you to Michał Dardas
for reporting this issue.
Fixed a possible NULL-pointer dereference crash in the scan
verdict cache check. Issue affects versions 0.103.4, 0.103.5,
0.104.1, and 0.104.2. Thank you to Alexander Patrakov and
Antoine Gatineau for reporting this issue.
Fixed a possible infinite loop vulnerability in the TIFF file
parser. Issue affects versions 0.104.0 through 0.104.2 and LTS
version 0.103.5 and prior versions. The issue only occurs if the
"--alert-broken-media" ClamScan option is enabled. For ClamD,
the affected option is "AlertBrokenMedia yes", and for libclamav
it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. Thank
you to Michał Dardas for reporting this issue.
Fixed a possible memory leak in the HTML file parser /
Javascript normalizer. Issue affects versions 0.104.0 through
0.104.2 and LTS version 0.103.5 and prior versions. Thank you to
Michał Dardas for reporting this issue.
Fixed a possible multi-byte heap buffer overflow write
vulnerability in the signature database load module. The fix was
to update the vendored regex library to the latest version.
Issue affects versions 0.104.0 through 0.104.2 and LTS version
0.103.5 and prior versions. Thank you to Michał Dardas for
reporting this issue.
Discovery 2022-05-04 Entry 2022-05-19 clamav
< 0.104.3,1
clamav-lts
< 0.103.6,1
CVE-2022-20803
CVE-2022-20770
CVE-2022-20796
CVE-2022-20771
CVE-2022-20785
CVE-2022-20792
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html#more
|
da5c4072-8082-11dd-9c8c-001c2514716c | clamav -- CHM Processing Denial of Service
Hanno Boeck reports:
A fuzzing test showed weakness in the chm parser of
clamav, which can possibly be exploited. The clamav
team has disabled the chm module in older versions
through freshclam updates and has released 0.94 with
a fixed parser.
Discovery 2008-07-09 Entry 2008-09-12 clamav
< 0.94
clamav-devel
< 20080902
CVE-2008-1389
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1089
|