BZ2_decompress in decompress.c in... CVE-2019-12900

7.5 AV AC AU C I A
发布: 2019-06-19
修订: 2019-10-04

Ubuntu Security Notice 4146-2 - USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.