CVE-2016-1405 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-1405 PUBLISHED

libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.

EPSS 3.82% · 88.0th percentile

Risk Scores

EPSS Score

3.82%

88.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	clamav	0, 0.97.8+dfsg-1ubuntu4, 0.97.8+dfsg-1ubuntu5
Ubuntu:16.04:LTS	clamav	0, 0.98.7+dfsg-0ubuntu4, 0.98.7+dfsg-0ubuntu5

Timeline

May 31, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Oct 22, 2023 EPSS Score
Dec 13, 2023 EPSS Score
Mar 26, 2024 EPSS Score

References

https://ubuntu.com/security/CVE-2016-1405 third-party-advisory
https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog third-party-advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa third-party-advisory
https://ubuntu.com/security/notices/USN-3093-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2016-1405 third-party-advisory

Open in Interactive Console →