984652 – (CVE-2016-1371) VUL-0: CVE-2016-1371: clamav: Crash when processing a crafted mew packer executable

Bug 984652 (CVE-2016-1371) - VUL-0: CVE-2016-1371: clamav: Crash when processing a crafted mew packer executable

Summary: VUL-0: CVE-2016-1371: clamav: Crash when processing a crafted mew packer exec...

Status:	RESOLVED DUPLICATE of bug 978459

Alias:	CVE-2016-1371

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Reinhard Max
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/170062/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-06-14 13:21 UTC by Marcus Meissner
Modified:	2016-07-25 08:14 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2016-06-14 13:21:21 UTC

CVE-2016-1371

fixed in 0.99.2

https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/

CVE-2016-1371 – Crash when processing a crafted mew packer executable

Comment 1 Swamp Workflow Management 2016-06-14 22:01:19 UTC

bugbot adjusting priority

Comment 2 Reinhard Max 2016-07-21 16:58:11 UTC

How shall we continue with this?

Comment 3 Marcus Meissner 2016-07-25 08:14:07 UTC

fixed with the clamav versiuon update to 0.99.2 , tracked in bug 978459

*** This bug has been marked as a duplicate of bug 978459 ***