Debian Clamav vulnerabilities

CVE-2015-2668 [MEDIUM] CVE-2015-2668: clamav - ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infin... ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. Scope: local bookworm: resolved (fixed in 0.98.7+dfsg-1) bullseye: resolved (fixed in 0.98.7+dfsg-1) forky: resolved (fixed in 0.98.7+dfsg-1) sid: resolved (fixed in 0.98.7+dfsg-1) trixie: resolved (fixed in 0.98.7+dfsg-1)

CVE-2015-1463 [MEDIUM] CVE-2015-1463: clamav - ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash... ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization." Scope: local bookworm: resolved (fixed in 0.98.6+dfsg-1) bullseye: resolved (fixed in 0.98.6+dfsg-1) forky: resolved (fixed in 0.98.6+dfsg-1) sid: resolved (fixed in 0.98.6+dfsg-1) trixie: resolved (fixed

CVE-2015-2170 [MEDIUM] CVE-2015-2170: clamav - The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denia... The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. Scope: local bookworm: resolved (fixed in 0.98.7+dfsg-1) bullseye: resolved (fixed in 0.98.7+dfsg-1) forky: resolved (fixed in 0.98.7+dfsg-1) sid: resolved (fixed in 0.98.7+dfsg-1) trixie: resolved (fixed in 0.98.7+dfsg-1)

CVE-2015-2305 [MEDIUM] CVE-2015-2305: alpine - Integer overflow in the regcomp implementation in the Henry Spencer BSD regex li... Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. Scope: local bookworm: resolved bullseye:

CVE-2014-9328 [HIGH] CVE-2014-9328: clamav - ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a cr... ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." Scope: local bookworm: resolved (fixed in 0.98.6+dfsg-1) bullseye: resolved (fixed in 0.98.6+dfsg-1) forky: resolved (fixed in 0.98.6+dfsg-1) sid: resolved (fixed in 0.98.6+dfsg-1) trixie: resolved (fixed in 0.98.6+dfsg-1

CVE-2014-9050 [MEDIUM] CVE-2014-9050: clamav - Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamA... Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file. Scope: local bookworm: resolved (fixed in 0.98.5+dfsg-1) bullseye: resolved (fixed in 0.98.5+dfsg-1) forky: resolved (fixed in 0.98.5+dfsg-1) sid: resolved (fixed in 0.98.5+dfs

CVE-2013-7087 [CRITICAL] CVE-2013-7087: clamav - ClamAV before 0.97.7 has WWPack corrupt heap memory ClamAV before 0.97.7 has WWPack corrupt heap memory Scope: local bookworm: resolved (fixed in 0.97.7+dfsg-1) bullseye: resolved (fixed in 0.97.7+dfsg-1) forky: resolved (fixed in 0.97.7+dfsg-1) sid: resolved (fixed in 0.97.7+dfsg-1) trixie: resolved (fixed in 0.97.7+dfsg-1)

CVE-2013-7088 [CRITICAL] CVE-2013-7088: clamav - ClamAV before 0.97.7 has buffer overflow in the libclamav component ClamAV before 0.97.7 has buffer overflow in the libclamav component Scope: local bookworm: resolved (fixed in 0.97.7+dfsg-1) bullseye: resolved (fixed in 0.97.7+dfsg-1) forky: resolved (fixed in 0.97.7+dfsg-1) sid: resolved (fixed in 0.97.7+dfsg-1) trixie: resolved (fixed in 0.97.7+dfsg-1)

CVE-2013-7089 [HIGH] CVE-2013-7089: clamav - ClamAV before 0.97.7: dbg_printhex possible information leak ClamAV before 0.97.7: dbg_printhex possible information leak Scope: local bookworm: resolved (fixed in 0.97.7+dfsg-1) bullseye: resolved (fixed in 0.97.7+dfsg-1) forky: resolved (fixed in 0.97.7+dfsg-1) sid: resolved (fixed in 0.97.7+dfsg-1) trixie: resolved (fixed in 0.97.7+dfsg-1)

CVE-2013-2020 [MEDIUM] CVE-2013-2020: clamav - Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 all... Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read. Scope: local bookworm: resolved (fixed in 0.97.8+dfsg-1) bullseye: resolved (fixed in 0.97.8+dfsg-1) forky

CVE-2013-2021 [MEDIUM] CVE-2013-2021: clamav - pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial ... pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. Scope: local bookworm: resolved (fixed in 0.97.8+dfsg-1) bullseye: resolved (fixed in 0.97.8+dfsg-1) forky: resolved (fixed in 0.97.8+dfsg-1) sid: resolved (fixed in 0.97.8+dfsg-1) trixie: resolved (fixed

CVE-2013-6497 [LOW] CVE-2013-6497: clamav - clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers ... clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file. Scope: local bookworm: resolved (fixed in 0.98.5+dfsg-1) bullseye: resolved (fixed in 0.98.5+dfsg-1) forky: resolved (fixed in 0.98.5+dfsg-1) sid: resolved (fixed in 0.98.5+dfsg-1) trixie: resolved (fixed in 0.98.5

CVE-2012-1458 [MEDIUM] CVE-2012-1458: clamav - The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allo... The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations. Sco

CVE-2012-1457 [MEDIUM] CVE-2012-1457: clamav - The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, ava... The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 C

CVE-2012-1419 [MEDIUM] CVE-2012-1419: clamav - The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 al... The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementation

CVE-2012-1459 [MEDIUM] CVE-2012-1459: clamav - The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir ... The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117

CVE-2011-2721 [MEDIUM] CVE-2011-2721: clamav - Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in C... Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. Scope: local bookworm: resolved (fixed in 0.97.2+dfsg-1) bullseye: resolved (fixed in 0.97.2+dfsg-1) forky: resolved

CVE-2011-1003 [MEDIUM] CVE-2011-1003: clamav - Double free vulnerability in the vba_read_project_strings function in vba_extrac... Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fixed

CVE-2011-3627 [MEDIUM] CVE-2011-3627: clamav - The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a d... The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. Scope: local bookworm: resolved (fixed in 0.97.3+dfsg-1) bullseye: resolved (fixed in 0.97.3+dfsg-1) forky: resolved (fixed in 0.97.3+dfsg-1) sid: resolved (fix

CVE-2010-0098 [CRITICAL] CVE-2010-0098: clamav - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats,... ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. Scope: local bookworm: resolved (fixed in 0.96+dfsg-1) bullseye: resolved (fixed in 0.96+dfsg-1) forky: resolved (fixed in 0.96+dfsg-1) sid: resolved (fixed