漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
Vulnerability Description
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Cisco Secure Endpoint 资源管理错误漏洞
Vulnerability Description
Cisco Secure Endpoint是美国Cisco公司的一套集成了静态和动态恶意软件分析以及威胁情报于一体的终端应用程序。 Cisco Secure Endpoint存在资源管理错误漏洞,该漏洞源于文件扫描过程中对临时资源处理不当,可能导致未经验证的远程攻击者通过提交特制的InstallShield文件,造成ClamAV扫描进程终止并暂时消耗系统资源,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A