Fluid Attacks Database

Description

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.10	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.100.1-r1 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0
debian 14	clamav	>=0 <0.100.2+dfsg-1	0.100.2+dfsg-1
alpine v3.11	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.100.1-r1 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0
alpine v3.6	clamav	=0.100.1-r0 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.4-r0 \|\| >=0 <0.100.2-r0	0.100.2-r0
alpine v3.7	clamav	=0.100.1-r0 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.4-r0 \|\| >=0 <0.100.2-r0	0.100.2-r0
alpine v3.8	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0
alpine v3.12	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.100.1-r1 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0
alpine v3.13	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.100.1-r1 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0
debian 13	clamav	>=0 <0.100.2+dfsg-1	0.100.2+dfsg-1
alpine v3.9	clamav	=0.100.0-r0 \|\| =0.100.0-r1 \|\| =0.100.0-r2 \|\| =0.100.1-r0 \|\| =0.100.1-r1 \|\| =0.94.2-r0 \|\| =0.94.2-r1 \|\| =0.94.2-r2 \|\| =0.95.1-r0 \|\| =0.95.1-r1 \|\| =0.95.2-r0 \|\| =0.95.2-r1 \|\| =0.95.3-r0 \|\| =0.95.3-r1 \|\| =0.96-r0 \|\| =0.96.1-r0 \|\| =0.96.2-r0 \|\| =0.96.3-r0 \|\| =0.96.4-r0 \|\| =0.96.5-r0 \|\| =0.97-r0 \|\| =0.97-r1 \|\| =0.97-r2 \|\| =0.97-r3 \|\| =0.97-r4 \|\| =0.97.1-r0 \|\| =0.97.2-r0 \|\| =0.97.3-r0 \|\| =0.97.3-r1 \|\| =0.97.3-r2 \|\| =0.97.3-r3 \|\| =0.97.4-r0 \|\| =0.97.4-r1 \|\| =0.97.4-r2 \|\| =0.97.5-r0 \|\| =0.97.6-r0 \|\| =0.97.6-r1 \|\| =0.97.7-r0 \|\| =0.97.8-r0 \|\| =0.97.8-r1 \|\| =0.97.8-r2 \|\| =0.98-r0 \|\| =0.98-r1 \|\| =0.98.1-r0 \|\| =0.98.1-r1 \|\| =0.98.1-r2 \|\| =0.98.3-r0 \|\| =0.98.4-r0 \|\| =0.98.4-r1 \|\| =0.98.5-r0 \|\| =0.98.6-r0 \|\| =0.98.6-r1 \|\| =0.98.6-r2 \|\| =0.98.7-r0 \|\| =0.98.7-r1 \|\| =0.98.7-r2 \|\| =0.99-r0 \|\| =0.99-r1 \|\| =0.99-r2 \|\| =0.99-r3 \|\| =0.99.1-r0 \|\| =0.99.1-r1 \|\| =0.99.1-r2 \|\| =0.99.2-r0 \|\| =0.99.2-r1 \|\| =0.99.2-r2 \|\| =0.99.2-r3 \|\| =0.99.2-r4 \|\| =0.99.2-r5 \|\| =0.99.2-r6 \|\| =0.99.3-r1 \|\| =0.99.3-r2 \|\| =0.99.3-r3 \|\| =0.99.4-r0 \|\| =0.99.4-r1 \|\| >=0 <0.100.2-r0	0.100.2-r0

1-10 of 12

Aliases

1. CVE-2018-153782. NVD-2018-153783. OSV-ALPINE-2018-153784. OSV-2018-153785. OSV-DEBIAN-2018-153786. SECURITY-CVE-2018-153787. SECURITY-TRACKER-CVE-2018-15378

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.