CVE-2019-15961

Опубликовано: 15 янв. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.1

CVSS3: 7.5

Описание

A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.

Релиз	Статус	Примечание
bionic	released	0.102.1+dfsg-0ubuntu0.18.04.2
devel	released	0.102.1+dfsg-1ubuntu1
disco	released	0.102.1+dfsg-0ubuntu0.19.04.2
eoan	released	0.102.1+dfsg-0ubuntu0.19.10.2
esm-infra-legacy/trusty	released	0.102.1+dfsg-0ubuntu0.14.04.1+esm1
esm-infra/bionic	released	0.102.1+dfsg-0ubuntu0.18.04.2
esm-infra/xenial	released	0.102.1+dfsg-0ubuntu0.16.04.2
precise/esm	not-affected	0.102.1+dfsg-0ubuntu0.12.04.1
trusty	ignored	end of standard support
trusty/esm	released	0.102.1+dfsg-0ubuntu0.14.04.1+esm1

Показывать по

Ссылки на источники

EPSS

Процентиль: 84%

0.02219

Низкий

7.1 High

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-15961

CVSS3: 7.5

nvd

около 6 лет назад

CVE-2019-15961

CVSS3: 6.5

msrc

больше 5 лет назад

Описание отсутствует

CVE-2019-15961

CVSS3: 7.5

debian

около 6 лет назад

A vulnerability in the email parsing module Clam AntiVirus (ClamAV) So ...

openSUSE-SU-2019:2668-1

suse-cvrf

около 6 лет назад

Security update for clamav

SUSE-SU-2019:3177-1

suse-cvrf

около 6 лет назад

Security update for clamav

EPSS

Процентиль: 84%

0.02219

Низкий

7.1 High

CVSS2

7.5 High

CVSS3

CVE-2019-15961

Описание

Пакет clamav

Ссылки на источники

Связанные уязвимости