Vulnerability Name: | CVE-2016-1371 (CCN-117463) | ||||||||||||||||||||
Assigned: | 2016-10-03 | ||||||||||||||||||||
Published: | 2016-10-03 | ||||||||||||||||||||
Updated: | 2016-10-04 | ||||||||||||||||||||
Summary: | ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable. | ||||||||||||||||||||
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||
CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
| ||||||||||||||||||||
Vulnerability Type: | CWE-284 | ||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||
References: | Source: CCN Type: ClamAV Web site ClamAV 0.99.2 has been released! Source: CONFIRM Type: Vendor Advisory http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html Source: MITRE Type: CNA CVE-2016-1371 Source: CCN Type: ClamAV Web Site ClamavNet Source: BID Type: Third Party Advisory, VDB Entry 93222 Source: UBUNTU Type: Third Party Advisory USN-3093-1 Source: CONFIRM Type: Issue Tracking https://bugzilla.clamav.net/show_bug.cgi?id=11514 Source: XF Type: UNKNOWN clamav-cve20161371-dos(117463) Source: MISC Type: Exploit, Technical Description, Third Party Advisory https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/ Source: CCN Type: WhiteSource Vulnerability Database CVE-2016-1371 | ||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: ![]() | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |