Ubuntu Security Notice 3728-3 - USN-3728-2 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
71d8c9d8fdaf567458cf32a3e140f962b401834aa67eb857a1155dbcc5bdb646==========================================================================
Ubuntu Security Notice USN-3728-3
August 02, 2018
clamav vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in ClamAV.
Software Description:
- clamav: Anti-virus utility for Unix
Details:
USN-3728-2 fixed several vulnerabilities in ClamAV. This update
provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Hanno BAPck discovered that libmspack incorrectly handled certain CHM
files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2018-14679, CVE-2018-14680)
Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ
files. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2018-14681)
Dmitry Glavatskikh discovered that libmspack incorrectly certain CHM
files. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2018-14682)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
clamav 0.100.1+dfsg-1ubuntu0.12.04.3
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3728-3
https://usn.ubuntu.com/usn/usn-3728-1
CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed