Showing 1 - 3 of 3

CVE-2018-1000085

Status Candidate

Overview

ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.

Related Files

Gentoo Linux Security Advisory 201804-16: Posted Apr 23, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201804-16 - Multiple vulnerabilities have been found in ClamAV, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 0.99.4 are affected.; tags | advisory, remote, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2012-6706, CVE-2017-11423, CVE-2017-6418, CVE-2017-6419, CVE-2017-6420, CVE-2018-0202, CVE-2018-1000085; SHA-256 | 226978b0f937cb909624ee469a0860710a9405d8025f924fe1f98de9f9477c57; Download | Favorite | View

Ubuntu Security Notice USN-3592-2: Posted Mar 8, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3592-2 - USN-3592-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | linux, ubuntu; advisories | CVE-2018-0202, CVE-2018-1000085; SHA-256 | d95dda82c97ffa745c7ee0d02694ef3dc4464091da45bf508bcd463b5fa03b92; Download | Favorite | View

Ubuntu Security Notice USN-3592-1: Posted Mar 8, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3592-1 - It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Hanno BAPck discovered that ClamAV incorrectly handled parsing certain XAR files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-0202, CVE-2018-1000085; SHA-256 | 5257934bc63f4443ea752a3894f1aca11c781da1dd62e1150dfb4c50e2d9259b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 155 files
Jay Turla 150 files
Ubuntu 66 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Debian 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,118)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,096)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,754)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,812)
UNIX (9,453)
UnixWare (188)
Windows (6,765)
Other

CVE-2018-1000085

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems