Summary
The host is installed with ClamAV and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to cause a denial of service (crash) via vectors related to recursion level.
Impact Level: Application
Solution
Upgrade to ClamAV version 0.97.3 or later
For updates refer to http://www.clamav.net/lang/en/download/
Insight
The flaw is due to the way the bytecode engine handled recursion level when scanning an unpacked file.
Affected
ClamAV before 0.97.3 on Windows.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2011-3627 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
- ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
- CUPS Empty UDP Datagram DoS Vulnerability
- Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
- F-Secure Policy Manager Server fsmsh.dll module DoS