Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-12625

Опубликовано: 05 нояб. 2019
Источник: debian
EPSS Низкий

Описание

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
clamavfixed0.101.4+dfsg-1package
clamavfixed0.101.4+dfsg-0+deb10u1busterpackage
clamavfixed0.101.4+dfsg-0+deb9u1stretchpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2019/08/06/3

  • https://bugzilla.clamav.net/show_bug.cgi?id=12356

  • Partially adressed already in 0.101.2+dfsg-3 but incomplete.

  • https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html

EPSS

Процентиль: 84%
0.02322
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-12625

CVSS3: 7.5
ubuntu
почти 6 лет назад

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

nvd логотип

CVE-2019-12625

CVSS3: 7.5
nvd
почти 6 лет назад

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

msrc логотип

CVE-2019-12625

CVSS3: 7.5
msrc
почти 5 лет назад

Описание отсутствует

github логотип

GHSA-fj79-gf26-7c3p

CVSS3: 7.5
github
больше 3 лет назад

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

fstec логотип

BDU:2020-01710

CVSS3: 5.3
fstec
почти 6 лет назад

Уязвимость пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 84%
0.02322
Низкий