Back to search
CVE-2018-1000085
Published: Mar 13, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-3592-2
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20170929 clamav: Out of bounds read and segfault in xar parser
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20180316 [SECURITY] [DLA 1307-1] clamav security update
mailing-list
x_refsource_MLIST
USN-3592-1
vendor-advisory
x_refsource_UBUNTU
GLSA-201804-16
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now