CVE-2016-1405
Last modified
CVE-2016-1405 is a vulnerability of currently unknown severity. libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.. EPSS estimates a 2.96% chance of exploitation in the next 30 days.
Description
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Clamav | Clamav | All versions |
| Cisco | Email Security Appliance | 9.6.0-042 |
| Cisco | Web Security Appliance | 8.8.0-085 |
| Cisco | Web Security Appliance | 9.1.0-070 |
| Cisco | Web Security Appliance | 9.5.0-284 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-1405?
How severe is CVE-2016-1405?
How do I fix CVE-2016-1405?
Are you affected by CVE-2016-1405?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST