ClamAV < 0.99.1 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9261

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities.

Description

Versions of ClamAV prior to 0.99.1 are potentially affected by the following vulnerabilities :

- An out-of-bounds read flaw exists in the 'ea05()' and 'ea06()' functions in 'autoit.c'. This may allow a context-dependent attacker to cause a denial of service.
- An out-of-bounds read flaw affects the 'rijndaelSetupEncrypt()' function in 'rijndael.c'. The issue is triggered during the decryption of PDF files. This may allow a context-dependent attacker to cause a denial of service.
- An out-of-bounds read flaw exists in the 'parseEmailFile()' function in 'mbox.c'. This may allow a context-dependent attacker to cause a denial of service.
- An out-of-bounds write flaw exists in the 'screnc_decode()' function in 'htmlnorm.c' that may allow a context-dependent attacker to have an unspecified impact that may potentially include the execution of arbitrary code.
- An overflow condition affects the 'wwunpack()' function in 'wwunpack.c'. The issue is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service.
- An out-of-bounds write flaw affects the 'handle_df()' function in 'js-norm.c' that allows a context-dependent attacker to write to adjacent buffers. This may allow the attacker to have an unspecified impact that may potentially include the execution of arbitrary code.
- A flaw exists that is triggered during the handling of a specially crafted '.7z' file. This may allow a context-dependent attacker to cause a memory overlay and crash the program, which can leave the system vulnerable to other attacks.
- An integer underflow condition exists that is triggered as user-supplied input is not properly validated. This may allow an attacker to have an unspecified impact. No further details have been provided.

Solution

Upgrade to ClamAV 0.99.1 or later.

See Also

http://blog.clamav.net/2016/03/clamav-0991-has-been-released.html

http://lists.clamav.net/pipermail/clamav-announce/2016/000017.html

Plugin Details

Severity: High

ID: 9261

Family: Web Clients

Published: 4/22/2016

Updated: 3/6/2019

Vulnerability Information

CPE: cpe:/a:cisco:clamav

Patch Publication Date: 12/17/2015

Vulnerability Publication Date: 11/16/2015