CVE-2016-1372

CVE-2016-1372

EPSS 1.6%

ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html https://bugzilla.clamav.net/show_bug.cgi?id=11514 https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/http://www.securityfocus.com/bid/93221 http://www.ubuntu.com/usn/USN-3093-1