HomePentest-Tools.com Logo

ClamAV < 0.100.2 unmew11 DoS Vulnerability - Windows CVE-2018-15378

Severity
CVSSv3 Score
5.5
Vulnerability description

ClamAV is prone to a denial of service (DoS) vulnerability.

Risk description

The flaw related to the MEW unpacker within the unmew11() function (libclamav/mew.c) can be exploited to trigger an invalid read memory access via a specially crafted EXE file. Successful exploitation will allow an attacker to cause denial of service.

Recommendation

Update to version 0.100.2 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 15, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available