Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2013-6497
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file..
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 2.1/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- Partial
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- https://bugzilla.clamav.net/show_bug.cgi?id=11088
- http://secunia.com/advisories/59645
- http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html
- http://www.openwall.com/lists/oss-security/2014/11/19/2
- http://secunia.com/advisories/60150
- http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html
- http://www.openwall.com/lists/oss-security/2014/11/19/5
- http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1138101
- http://www.ubuntu.com/usn/USN-2423-1
- http://www.securityfocus.com/bid/71178
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:217
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html
- http://www.ubuntu.com/usn/USN-2488-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98804