Test ID:	1.3.6.1.4.1.25623.1.0.112749
Category:	Denial of Service
Title:	ClamAV 0.101 - 0.102.2 DoS Vulnerability - Windows
Summary:	ClamAV is prone to a denial of service (DoS) vulnerability.
Description:	Summary: ClamAV is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Improper size checking of a buffer used to initialize AES decryption routines results in an out-of-bounds read, which may cause a crash. Vulnerability Impact: Successful exploitation would cause a denial-of-service condition. Affected Software/OS: ClamAV versions 0.101 through 0.102.2. Solution: Update to version 0.102.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-3341 Cisco Security Advisory: https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/ https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html https://usn.ubuntu.com/4370-1/ https://usn.ubuntu.com/4370-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.