Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.98.7 Multiple Vulnerabilities

Medium

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities.

Description

Versions of ClamAV earlier than 0.98.7 are potentially affected by the following vulnerabilities :

- An unspecified flaw exists in the 'pefromupx()' function in 'upx.c'. A remote attacker can exploit this flaw, via a specially crafted file, to crash the application. (CVE-2015-2170) - An unspecified flaw exists in the 'yc_poly_emulator()' function in 'yc.c'. A remote attacker can exploit this flaw, via a specially crafted y0da cryptor file, to cause an infinite loop and application hang. (CVE-2015-2221) - An unspecified flaw exists in the 'cli_scanpe()' function in 'pe.c'. A remote attacker can exploit this, via a specially crafted petite packer file, to crash the program. (CVE-2015-2222) - An integer overflow condition exists in the bundled Henry Spencer regex library in the 'regcomp()' function in 'regcomp.c' due to improper validation of user-supplied input. A remote attacker can exploit this to cause a buffer overflow, resulting in a denial of service or the execution of arbitrary code. (CVE-2015-2305) - An unspecified flaw exists when handling specially crafted '.xz' archive files. A remote attacker can exploit this to cause an infinite loop. (CVE-2015-2668)

Solution

Upgrade to ClamAV 0.98.7 or later.