Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.98.6 Multiple Vulnerabilities

High

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities.

Description

Versions of ClamAV earlier than 0.98.6 are potentially affected by the following vulnerabilities :

- An out-of-bounds access flaw exists in the 'unupack()' function that is triggered when parsing a specially crafted Upack packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2014-9328) - An out-of-bounds access flaw exists that is triggered when parsing maliciously crafted Yoda Crypter and MEWpacker files. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2015-1461) - An out-of-bounds access flaw exists that is triggered when parsing a specially crafted UPX packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2015-1462) - A signedness flaw exists in the 'petite_inflate2x_1to9()' function in 'libclamav/petite.c' that allows a remote attacker with a specially crafted petite packer file to cause a denial of service. (CVE-2015-1463) - An integer overflow condition exists in 'upx.c' due to improper validation of user-supplied input when scanning EXE files. An attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (OSVDB 132125)

Solution

Upgrade to ClamAV 0.98.6 or later.