New Vulnerability Test Highlights
Some of the more interesting vulnerability tests we added recently are as follows:
ClamAV
- ClamAV getchecksum function (in untar.c) Out-of-Bounds Heap Read Vulnerability ( CVE-2017-12378)
- ClamAV getHrefs function (in mbox.c) Null Pointer Dereference Vulnerability ( CVE-2017-12380)
- ClamAV handle_pdfname function (in pdf.c) Heap Overflow Vulnerability ( CVE-2017-12376)
- ClamAV messageAddArgument function (in message.c) Heap Overflow Vulnerability ( CVE-2017-12379)
- ClamAV rfc2047 function (in mbox.c) Buffer Overflow Vulnerability ( CVE-2017-12375)
- ClamAV textIterate function (in mbox.c) Use-After-Free Vulnerability ( CVE-2017-12374)
- ClamAV zma_bswap_4861dc function (in mew.c) Out-of-Bounds Heap Read Vulnerability ( CVE-2017-12377)
jQuery
How to Update?
All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.