Debian Clamav vulnerabilities

CVE-2021-1252 [HIGH] CVE-2021-1252: clamav - A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV)... A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sendi

CVE-2021-1405 [HIGH] CVE-2021-1405: clamav - A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software ... A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerabi

CVE-2020-3481 [HIGH] CVE-2020-3481: clamav - A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Sof... A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected de

CVE-2020-3327 [HIGH] CVE-2020-3327: clamav - A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Sof... A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An

CVE-2020-3341 [HIGH] CVE-2020-3341: clamav - A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Sof... A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected de

CVE-2020-3123 [HIGH] CVE-2020-3123: clamav - A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (Clam... A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit thi

CVE-2020-37167 [HIGH] CVE-2020-37167: clamav - ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name pro... ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine. Scope: local

CVE-2020-3350 [MEDIUM] CVE-2020-3350: clamav - A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam Ant... A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by e

CVE-2019-12900 [CRITICAL] CVE-2019-12900: bzip2 - BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write... BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. Scope: local bookworm: resolved (fixed in 1.0.6-9.1) bullseye: resolved (fixed in 1.0.6-9.1) forky: resolved (fixed in 1.0.6-9.1) sid: resolved (fixed in 1.0.6-9.1) trixie: resolved (fixed in 1.0.6-9.1)

CVE-2019-15961 [HIGH] CVE-2019-15961: clamav - A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software ver... A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An atta

CVE-2019-1789 [HIGH] CVE-2019-1789: clamav - ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vu... ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking. Scope: local bookworm: resolved (fixed in 0.101.2+dfsg-1) bullseye: resolved (fixed in 0.1

CVE-2019-1785 [HIGH] CVE-2019-1785: clamav - A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV... A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attack

CVE-2019-12625 [HIGH] CVE-2019-12625: clamav - ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability whe... ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system. Scope: local bookworm: resolved (fixed in 0.101.4+dfsg-1) bullseye: resolved (fixed in 0.101.4+dfsg-1) forky: resolved (fixed in 0.101.4+dfsg-1) sid: resolved (fixed i

CVE-2019-1786 [MEDIUM] CVE-2019-1786: clamav - A vulnerability in the Portable Document Format (PDF) scanning functionality of ... A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing r

CVE-2019-1798 [MEDIUM] CVE-2019-1798: clamav - A vulnerability in the Portable Executable (PE) file scanning functionality of C... A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for PE files sent an affected devi

CVE-2019-1788 [MEDIUM] CVE-2019-1788: clamav - A vulnerability in the Object Linking & Embedding (OLE2) file scanning functiona... A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an af

CVE-2019-1787 [MEDIUM] CVE-2019-1787: clamav - A vulnerability in the Portable Document Format (PDF) scanning functionality of ... A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing rem

CVE-2018-1000085 [MEDIUM] CVE-2018-1000085: clamav - ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerab... ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439

CVE-2018-15378 [MEDIUM] CVE-2018-15378: clamav - A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to c... A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file. Scope: local bookworm: resolved

CVE-2018-0360 [MEDIUM] CVE-2018-0360: clamav - ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop... ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c. Scope: local bookworm: resolved (fixed in 0.100.1+dfsg-1) bullseye: resolved (fixed in 0.100.1+dfsg-1) forky: resolved (fixed in 0.100.1+dfsg-1) sid: resolved (fixed in 0.100.1+dfsg-1) trixie: