Denial of Service Vulnerability in ClamAV by Cisco
CVE-2013-6497

Currently unrated

Key Information:

Vendor

Clamav

Status
Clamav
Vendor
CVE Published:
1 December 2014

What is CVE-2013-6497?

ClamAV versions prior to 0.98.5 contain a vulnerability that permits remote attackers to exploit the software by leveraging the '-a' command-line option. This can lead to a denial of service condition, crashing the application when processing malicious input such as a specially crafted 'jwplayer.js' file. Users are advised to upgrade to the latest version to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2014...
vendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2014/11/19/2
mailing-listx_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.