All errata/p5/ALT-PU-2015-1160-1
ALT-PU-2015-1160-1

Package update clamav in branch p5

Version0.98.6-alt0.M51.1
Task#140157
Published2015-02-13
Max severityHIGH
Severity:

Closed issues (5)

CVE-2013-6497
LOW2.1

clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.

Published: 2014-12-01Modified: 2025-04-12
CVSS 2.0LOW 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P
References
CVE-2014-9328
HIGH7.5

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."

Published: 2015-02-03Modified: 2025-04-12
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References
CVE-2015-1461
HIGH7.5

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."

Published: 2015-02-03Modified: 2025-04-12
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References
CVE-2015-1462
HIGH7.5

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."

Published: 2015-02-03Modified: 2025-04-12
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
References
CVE-2015-1463
MEDIUM5.0

ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."

Published: 2015-02-03Modified: 2025-04-12
CVSS 2.0MEDIUM 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
References

Closed bugs (1)