Category Archives: Advisories

clamav-1.0.7-1.fc40

Read Time:25 Second

FEDORA-2024-e8f7a74693

Packages in this update:

clamav-1.0.7-1.fc40

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More

clamav-1.0.7-1.el9

Read Time:26 Second

FEDORA-EPEL-2024-702a565078

Packages in this update:

clamav-1.0.7-1.el9

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More

clamav-1.0.7-1.fc41

Read Time:25 Second

FEDORA-2024-0d7eb64d90

Packages in this update:

clamav-1.0.7-1.fc41

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More

ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-7502.

Read More