CVE-2015-2222medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
References
http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html
http://ubuntu.com/usn/usn-2594-1
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 2
OR
cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:* versions up to 0.98.6 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 9260 | ClamAV < 0.98.7 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | medium |
| 87708 | GLSA-201512-08 : ClamAV: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 83976 | Amazon Linux AMI : clamav (ALAS-2015-537) | Nessus | Amazon Linux Local Security Checks | medium |
| 83888 | Debian DLA-233-1 : clamav security and upstream version update | Nessus | Debian Local Security Checks | high |
| 83558 | openSUSE Security Update : clamav (openSUSE-2015-366) | Nessus | SuSE Local Security Checks | medium |
| 83555 | FreeBSD : clamav -- multiple vulnerabilities (3d0428b2-fdfb-11e4-894f-d050996490d0) | Nessus | FreeBSD Local Security Checks | medium |
| 83461 | SuSE 11.3 Security Update : clamav (SAT Patch Number 10664) | Nessus | SuSE Local Security Checks | medium |
| 83386 | Fedora 20 : clamav-0.98.7-1.fc20 (2015-7378) | Nessus | Fedora Local Security Checks | medium |
| 83352 | ClamAV < 0.98.7 Multiple Vulnerabilities | Nessus | Misc. | medium |
| 83255 | Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : clamav vulnerabilities (USN-2594-1) | Nessus | Ubuntu Local Security Checks | medium |
| 83245 | Mandriva Linux Security Advisory : clamav (MDVSA-2015:221) | Nessus | Mandriva Local Security Checks | medium |
| 83227 | Fedora 22 : clamav-0.98.7-1.fc22 (2015-7346) | Nessus | Fedora Local Security Checks | medium |
| 83226 | Fedora 21 : clamav-0.98.7-1.fc21 (2015-7334) | Nessus | Fedora Local Security Checks | medium |