CVE-2016-1405
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
libclamav en ClamAV (también conocida como Clam AntiVirus), tal como se utiliza en Advanced Malware Protection (AMP) en dispositivos Cisco Email Security Appliance (ESA) en versiones anteriores a 9.7.0-125 y dispositivos Web Security Appliance (WSA) en versiones anteriores a 9.0.1-135 y 9.1.x en versiones anteriores a 9.1.1-041, permite a atacantes remotos provocar una denegación de servicio (reinicio del proceso AMP) a través de un documento manipulado, también conocido como Bug IDs CSCuv78533 y CSCuw60503.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-01-04 CVE Reserved
- 2016-06-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/90968 | Vdb Entry | |
| http://www.securitytracker.com/id/1035993 | Vdb Entry | |
| http://www.securitytracker.com/id/1035994 | Vdb Entry | |
| https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa | 2016-11-28 | |
| http://www.ubuntu.com/usn/USN-3093-1 | 2016-11-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | * | - |
Affected
| in | Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.6.0-042 Search vendor "Cisco" for product "Email Security Appliance" and version "9.6.0-042" | - |
Affected
|
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | * | - |
Affected
| in | Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 8.8.0-085 Search vendor "Cisco" for product "Web Security Appliance" and version "8.8.0-085" | - |
Affected
|
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | * | - |
Affected
| in | Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 9.1.0-070 Search vendor "Cisco" for product "Web Security Appliance" and version "9.1.0-070" | - |
Affected
|
| Clamav Search vendor "Clamav" | Clamav Search vendor "Clamav" for product "Clamav" | * | - |
Affected
| in | Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 9.5.0-284 Search vendor "Cisco" for product "Web Security Appliance" and version "9.5.0-284" | - |
Affected
|