ClamAV < 0.99 Remote Denial of Service

Medium Log Correlation Engine Plugin ID 802006


The specific version of ClamAV that the client is running is vulnerable to a remote denial of service.


Cisco ClamAV contains a flaw that is triggered when handling the scan of a specially crafted document. This may allow a remote attacker to cause the Advance Malware Protection (AMP) process to restart.


It has been reported that this has been fixed. Please refer to the product listing for upgraded versions that address this vulnerability.

See Also

Plugin Details

Severity: Medium

ID: 802006

File Name: 802006.prm

Family: Generic

Published: 2016/08/23

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2016/05/31

Vulnerability Publication Date: 2016/05/31

Reference Information

CVE: CVE-2016-1405