remote code execution in clamav

2007-04-2015:53:51

lists.opensuse.org

0.203 Low

EPSS

Percentile

96.4%

JSON

The AntiVirus scan engine clamav was updated to version 0.90.2. Among other bugs two security problems were fixed which could cause a remote denial of service attack against clamav or potentially be used to execute code.

Solution

There is no known workaround, please install the update packages.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server10s390xclamav< 0.90.2-0.2clamav-0.90.2-0.2.s390x.rpm
openSUSE9.3x86_64clamav< 0.90.2-0.1clamav-0.90.2-0.1.x86_64.rpm
openSUSE10.0i586clamav< 0.90.2-0.1clamav-0.90.2-0.1.i586.rpm
openSUSE10.0ppcclamav< 0.90.2-0.1clamav-0.90.2-0.1.ppc.rpm
openSUSE10.1x86_64clamav< 0.90.2-0.2clamav-0.90.2-0.2.x86_64.rpm
openSUSE10.1ppcclamav< 0.90.2-0.2clamav-0.90.2-0.2.ppc.rpm
openSUSE10.2ppcclamav< 0.90.2-0.1clamav-0.90.2-0.1.ppc.rpm
openSUSE10.2i586clamav< 0.90.2-0.1clamav-0.90.2-0.1.i586.rpm
openSUSE10.0x86_64clamav< 0.90.2-0.1clamav-0.90.2-0.1.x86_64.rpm
SUSE Linux Enterprise Server10ia64clamav< 0.90.2-0.2clamav-0.90.2-0.2.ia64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Server	10	s390x	clamav	< 0.90.2-0.2	clamav-0.90.2-0.2.s390x.rpm
openSUSE	9.3	x86_64	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.x86_64.rpm
openSUSE	10.0	i586	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.i586.rpm
openSUSE	10.0	ppc	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.ppc.rpm
openSUSE	10.1	x86_64	clamav	< 0.90.2-0.2	clamav-0.90.2-0.2.x86_64.rpm
openSUSE	10.1	ppc	clamav	< 0.90.2-0.2	clamav-0.90.2-0.2.ppc.rpm
openSUSE	10.2	ppc	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.ppc.rpm
openSUSE	10.2	i586	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.i586.rpm
openSUSE	10.0	x86_64	clamav	< 0.90.2-0.1	clamav-0.90.2-0.1.x86_64.rpm
SUSE Linux Enterprise Server	10	ia64	clamav	< 0.90.2-0.2	clamav-0.90.2-0.2.ia64.rpm

Rows per page:

1-10 of 161

0.203 Low

EPSS

Percentile

96.4%

JSON

Related for SUSE-SA:2007:026