Vulnerabilities > CVE-2012-6706 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
sophos
rarlab
CWE-190
critical
nessus
exploit available

Summary

A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the "DestPos" variable, which allows the attacker to write out of bounds when setting Mem[DestPos].

Vulnerable Configurations

Part Description Count
Application
Sophos
1
Application
Rarlab
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Exploit-Db

descriptionMicrosoft Windows Defender - 'mpengine.dll' Memory Corruption. CVE-2018-0986. Dos exploit for Windows platform
fileexploits/windows/dos/44402.txt
idEDB-ID:44402
last seen2018-05-24
modified2018-04-05
platformwindows
port
published2018-04-05
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/44402/
titleMicrosoft Windows Defender - 'mpengine.dll' Memory Corruption
typedos

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201804-16.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201804-16 (ClamAV: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, through multiple vectors, could execute arbitrary code, cause a Denial of Service condition, or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id109230
    published2018-04-23
    reporterThis script is Copyright (C) 2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/109230
    titleGLSA-201804-16 : ClamAV: Multiple vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201804-16.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109230);
      script_version("1.2");
      script_cvs_date("Date: 2018/06/07 13:15:38");
    
      script_cve_id("CVE-2012-6706", "CVE-2017-11423", "CVE-2017-6418", "CVE-2017-6419", "CVE-2017-6420", "CVE-2018-0202", "CVE-2018-1000085");
      script_xref(name:"GLSA", value:"201804-16");
    
      script_name(english:"GLSA-201804-16 : ClamAV: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201804-16
    (ClamAV: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in ClamAV. Please review
          the CVE identifiers referenced below for details.
      
    Impact :
    
        A remote attacker, through multiple vectors, could execute arbitrary
          code, cause a Denial of Service condition, or have other unspecified
          impacts.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201804-16"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All ClamAV users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.99.4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-antivirus/clamav", unaffected:make_list("ge 0.99.4"), vulnerable:make_list("lt 0.99.4"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ClamAV");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0863-1.NASL
    descriptionThis update for clamav fixes the following issues: Security issues fixed : - CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315). - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449). - CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423). - CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858). - CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108829
    published2018-04-04
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108829
    titleSUSE SLES11 Security Update : clamav (SUSE-SU-2018:0863-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-D2B08AA37F.NASL
    descriptionUpdate to 0.99.4 0.99.4 addresses a few outstanding vulnerability bugs. It includes fixes for : - CVE-2012-6706 - CVE-2017-6419 - CVE-2017-11423 - CVE-2018-1000085 There are also a few bug fixes that were not assigned CVE’s, but were important enough to address while we had the chance. One of these was the notorious file descriptor exhaustion bug that caused outages late last January. In addition to the above, 0.99.4 fixes : - CVE-2018-0202: Two newly reported vulnerabilities in the PDF parsing code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-14
    plugin id108311
    published2018-03-14
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108311
    titleFedora 26 : clamav (2018-d2b08aa37f)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-779.NASL
    descriptionThis update for clamav fixes the following security issue : - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490) This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2017-07-07
    plugin id101277
    published2017-07-07
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/101277
    titleopenSUSE Security Update : clamav (openSUSE-2017-779)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1763-1.NASL
    descriptionThis update for clamav fixes the following issues: Security issue fixed : - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490) Non security issue fixed : - Fix permissions of /var/spool/amavis. (bsc#815106) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id101222
    published2017-07-05
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101222
    titleSUSE SLES11 Security Update : clamav (SUSE-SU-2017:1763-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201708-05.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201708-05 (RAR and UnRAR: User-assisted execution of arbitrary code) A VMSF_DELTA memory corruption was discovered in which an integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the “DestPos” variable which allows writing out of bounds when setting Mem[DestPos]. Impact : A remote attacker, by enticing a user to open a specially crafted archive, could execute arbitrary code with the privileges of the process. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id102617
    published2017-08-21
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/102617
    titleGLSA-201708-05 : RAR and UnRAR: User-assisted execution of arbitrary code
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1745-1.NASL
    descriptionThis update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. (bsc#1045315). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id101204
    published2017-07-03
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101204
    titleSUSE SLED12 / SLES12 Security Update : unrar (SUSE-SU-2017:1745-1)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1003.NASL
    descriptionIt was reported that unrar fixed a VMSF_DELTA memory corruption issue in their latest version unrarsrc-5.5.5.tar.gz. This problem was reported to Sophos AV in 2012 but never reach upstream rar. For Debian 7
    last seen2020-03-17
    modified2017-06-28
    plugin id101065
    published2017-06-28
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/101065
    titleDebian DLA-1003-1 : unrar-nonfree security update
  • NASL familyMisc.
    NASL idMCAFEE_WEB_GATEWAY_SB10205.NASL
    descriptionThe remote host is running a version of McAfee Web Gateway (MWG) that is affected by multiple security vulnerabilities : - A memory corruption flaw exists in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products that allows remote attackers to execute arbitrary code. (CVE-2012-6706) - A memory corruption flaw exists in Linux Kernel versions 4.11.5 and earlier that allows remote attacks to execute arbitrary code with elevated privileges.(CVE-2017-1000364) - A memory corruption flaw exists in the handling of LD_LIBRARY_PATH that allows a remote attacker to manipulate the heap/stack that may lead to arbitrary code execution. This issue only affects GNU glibc 2.25 and prior. (CVE-2017-1000366) - An input validation flaw exists in Todd Miller
    last seen2020-06-13
    modified2017-08-15
    plugin id102496
    published2017-08-15
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102496
    titleMcAfee Web Gateway 7.6.x < 7.6.2.15 / 7.7.x < 7.7.2.3 Multiple Vulnerabilities (SB10205)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-724.NASL
    descriptionThis update for unrar to version 5.5 fixes the following issues : Version 5.5.5 - CVE-2012-6706: fixes VMSF_DELTA memory corruption (boo#1045315) see https://bugs.chromium.org/p/project-zero/issues/detail?i d=1286&can=1&q=unrar&desc=2 Version 5.5.1 - Based on RAR 5.50 beta1 - Added extraction support for .LZ archives created by Lzip compressor. - Modern TAR tools can store high precision file times, lengthy file names and large file sizes in special PAX extended headers inside of TAR archive. Now WinRAR supports such PAX headers and uses them when extracting TAR archives. - unrar no longer fails to unpack files in ZIP archives compressed with XZ algorithm and encrypted with AES Version 5.4.5. - Based on final RAR 5.40. - If RAR recovery volumes (.rev files) are present in the same folder as usual RAR volumes, archive test command verifies .rev contents after completing testing .rar files. If you wish to test only .rev files without checking .rar volumes, you can run: `unrar t arcname.part1.rev`. - If -p switch is used without optional <pwd> parameter, a password can be also set with file redirection or pipe. - unrar treats
    last seen2020-06-05
    modified2017-09-13
    plugin id103163
    published2017-09-13
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/103163
    titleopenSUSE Security Update : unrar (openSUSE-2017-724)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0862-1.NASL
    descriptionThis update for unrar to version 5.6.1 fixes several issues. These security issues were fixed : - CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file (bsc#1054038). - CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function (bsc#1054038). - CVE-2017-12941: Prevent an out-of-bounds read in the Unpack::Unpack20 function (bsc#1054038). - CVE-2017-12942: Prevent a buffer overflow in the Unpack::LongLZ function (bsc#1054038). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108828
    published2018-04-04
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108828
    titleSUSE SLES11 Security Update : unrar (SUSE-SU-2018:0862-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1716-1.NASL
    descriptionThis update for clamav fixes the following issues: Security issue fixed : - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar (bsc#1045490) Non security issues fixed : - Provide and obsolete clamav-nodb to trigger its removal in openSUSE Leap. (bsc#1040662) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id101143
    published2017-06-30
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101143
    titleSUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2017:1716-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201710-21.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201710-21 (Kodi: Arbitrary code execution) Kodi is vulnerable due to shipping with an embedded version of UnRAR. Please review the referenced CVE identifier for details. Impact : A remote attacker, by enticing a user to process a specifically crafted RAR file, could execute arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id104064
    published2017-10-23
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/104064
    titleGLSA-201710-21 : Kodi: Arbitrary code execution
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-602B5345FA.NASL
    descriptionUpdate to 0.99.4 0.99.4 addresses a few outstanding vulnerability bugs. It includes fixes for : - CVE-2012-6706 - CVE-2017-6419 - CVE-2017-11423 - CVE-2018-1000085 There are also a few bug fixes that were not assigned CVE&rsquo;s, but were important enough to address while we had the chance. One of these was the notorious file descriptor exhaustion bug that caused outages late last January. In addition to the above, 0.99.4 fixes : - CVE-2018-0202: Two newly reported vulnerabilities in the PDF parsing code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-07
    plugin id107169
    published2018-03-07
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107169
    titleFedora 27 : clamav (2018-602b5345fa)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-314.NASL
    descriptionThis update for clamav fixes the following issues : Security issues fixed : - CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315). - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449). - CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423). - CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858). - CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2018-03-27
    plugin id108637
    published2018-03-27
    reporterThis script is Copyright (C) 2018-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/108637
    titleopenSUSE Security Update : clamav (openSUSE-2018-314)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1760-1.NASL
    descriptionThis update for unrar fixes the following issues : - CVE-2012-6706: decoding malicious RAR files could have lead to memory corruption or code execution. (bsc#1045315). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id101221
    published2017-07-05
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101221
    titleSUSE SLES11 Security Update : unrar (SUSE-SU-2017:1760-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201709-24.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201709-24 (RAR, UnRAR: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in RAR and UnRAR. Please review the referenced CVE identifiers for details. Impact : A remote attacker, by enticing a user to open a specially crafted RAR, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id103463
    published2017-09-26
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/103463
    titleGLSA-201709-24 : RAR, UnRAR: Multiple vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-976.NASL
    descriptionHeap-based buffer overflow in mspack/lzxd.c mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. (CVE-2017-6419) Out-of-bounds access in the PDF parser (CVE-2018-0202) A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. An integer overflow can be caused in DataSize+CurChannel. The result is a negative value of the
    last seen2020-06-01
    modified2020-06-02
    plugin id108601
    published2018-03-27
    reporterThis script is Copyright (C) 2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/108601
    titleAmazon Linux AMI : clamav (ALAS-2018-976)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0809-1.NASL
    descriptionThis update for clamav fixes the following issues: Security issues fixed : - CVE-2012-6706: VMSF_DELTA filter inside the unrar implementation allows an arbitrary memory write (bsc#1045315). - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CHM file (bsc#1052449). - CVE-2017-11423: A stack-based buffer over-read that can lead to a denial of service in mspack via a crafted CAB file (bsc#1049423). - CVE-2018-1000085: An out-of-bounds heap read vulnerability was found in XAR parser that can lead to a denial of service (bsc#1082858). - CVE-2018-0202: Fixed two vulnerabilities in the PDF parsing code (bsc#1083915). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108652
    published2018-03-27
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108652
    titleSUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:0809-1)