| Errata ID | 292 |
|---|---|
| Date | 2018-11-01 |
| Source package | clamav |
| Fixed in version | 0.100.2+dfsg-0+deb9u1A~4.3.0.201810250854 |
| Description | This update addresses the following issue: * A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file. (CVE-2018-15378) |
| Additional notes | |
| CVE ID | CVE-2018-15378 |
| UCS Bug number | #48052 |
