Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.891759
Kategorie:Debian Local Security Checks
Titel:Debian LTS: Security Advisory for clamav (DLA-1759-1)
Zusammenfassung:The remote host is missing an update for the 'clamav'; package(s) announced via the DLA-1759-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'clamav'
package(s) announced via the DLA-1759-1 advisory.

Vulnerability Insight:
Out-of-bounds read and write conditions have been fixed in clamav.

CVE-2019-1787

An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.

CVE-2019-1788

An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.

CVE-2019-1789

An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.

Affected Software/OS:
'clamav' package(s) on Debian Linux.

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
0.100.3+dfsg-0+deb8u1.

We recommend that you upgrade your clamav packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-1787
https://security.gentoo.org/glsa/201904-12
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181
https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html
SuSE Security Announcement: openSUSE-SU-2019:1208 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html
SuSE Security Announcement: openSUSE-SU-2019:1210 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-1788
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166
Common Vulnerability Exposure (CVE) ID: CVE-2019-1789
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.