ClamAV < 0.99.1 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9261

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities.

Description

Versions of ClamAV prior to 0.99.1 are potentially affected by the following vulnerabilities :

- An out-of-bounds read flaw exists in the 'ea05()' and 'ea06()' functions in 'autoit.c'. This may allow a context-dependent attacker to cause a denial of service. (OSVDB 130951)
- An out-of-bounds read flaw affects the 'rijndaelSetupEncrypt()' function in 'rijndael.c'. The issue is triggered during the decryption of PDF files. This may allow a context-dependent attacker to cause a denial of service. (OSVDB 130952)
- An out-of-bounds read flaw exists in the 'parseEmailFile()' function in 'mbox.c'. This may allow a context-dependent attacker to cause a denial of service. (OSVDB 130953)
- An out-of-bounds write flaw exists in the 'screnc_decode()' function in 'htmlnorm.c' that may allow a context-dependent attacker to have an unspecified impact that may potentially include the execution of arbitrary code. (OSVDB 130954)
- An overflow condition affects the 'wwunpack()' function in 'wwunpack.c'. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service. (OSVDB 130955)
- An out-of-bounds write flaw affects the 'handle_df()' function in 'js-norm.c' that allows a context-dependent attacker to write to adjacent buffers. This may allow the attacker to have an unspecified impact that may potentially include the execution of arbitrary code. (OSVDB 130956)
- A flaw exists that is triggered during the handling of a specially crafted '.7z' file. This may allow a context-dependent attacker to cause a memory overlay and crash the program, which can leave the system vulnerable to other attacks. (OSVDB 135660)
- An integer underflow condition exists that is triggered as user-supplied input is not properly validated. This may allow an attacker to have an unspecified impact. No further details have been provided. (OSVDB 136534)

Solution

Upgrade to ClamAV 0.99.1 or later.

See Also

http://blog.clamav.net/2016/03/clamav-0991-has-been-released.html

http://lists.clamav.net/pipermail/clamav-announce/2016/000017.html

Plugin Details

Severity: High

ID: 9261

Family: Web Clients

Published: 2016/04/22

Modified: 2016/11/16

Dependencies: 9794

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:clamav

Patch Publication Date: 2015/12/17

Vulnerability Publication Date: 2015/11/16