Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-15378

Опубликовано: 15 окт. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.5

Описание

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

РелизСтатусПримечание
bionic

released

0.100.2+dfsg-1ubuntu0.18.04.1
devel

released

0.100.2+dfsg-0ubuntu1
esm-infra-legacy/trusty

released

0.100.2+dfsg-1ubuntu0.14.04.1
esm-infra/bionic

released

0.100.2+dfsg-1ubuntu0.18.04.1
esm-infra/xenial

released

0.100.2+dfsg-1ubuntu0.16.04.1
precise/esm

not-affected

0.100.2+dfsg-1ubuntu0.12.04.1
trusty

released

0.100.2+dfsg-1ubuntu0.14.04.1
trusty/esm

released

0.100.2+dfsg-1ubuntu0.14.04.1
upstream

released

0.100.2
xenial

released

0.100.2+dfsg-1ubuntu0.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01696
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-15378

CVSS3: 5.5
nvd
больше 7 лет назад

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

debian логотип

CVE-2018-15378

CVSS3: 5.5
debian
больше 7 лет назад

A vulnerability in ClamAV versions prior to 0.100.2 could allow an att ...

github логотип

GHSA-f539-qjx8-227f

CVSS3: 5.5
github
больше 3 лет назад

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

suse-cvrf логотип

openSUSE-SU-2018:3505-1

suse-cvrf
больше 7 лет назад

Security update for clamav

suse-cvrf логотип

openSUSE-SU-2018:3315-1

suse-cvrf
больше 7 лет назад

Security update for clamav

EPSS

Процентиль: 82%
0.01696
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3