CVE-2013-7089: Infoleak
First published: Fri Nov 15 2019(Updated: )
ClamAV before 0.97.7: dbg_printhex possible information leak
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/clamav | 0.103.6+dfsg-0+deb10u1 0.103.9+dfsg-0+deb10u1 0.103.10+dfsg-0+deb11u1 1.0.3+dfsg-1~deb12u1 1.0.3+dfsg-2 | |
| Clamav Clamav | <0.97.7 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Fedoraproject Fedora | =17 | |
| Fedoraproject Fedora | =18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2013-7089?
CVE-2013-7089 refers to a vulnerability in ClamAV before version 0.97.7 that can lead to a possible information leak.
How does CVE-2013-7089 impact ClamAV?
CVE-2013-7089 can allow an attacker to leak sensitive information through the dbg_printhex function in ClamAV.
What is the severity level of CVE-2013-7089?
CVE-2013-7089 has a severity level of 7.5 (High).
How can I fix the CVE-2013-7089 vulnerability in ClamAV?
To fix the CVE-2013-7089 vulnerability, it is recommended to update ClamAV to version 0.97.7 or later.
Where can I find more information about CVE-2013-7089?
You can find more information about CVE-2013-7089 on the following websites: [Bugzilla](https://bugzilla.clamav.net/show_bug.cgi?id=6804), [Debian Security Tracker](https://security-tracker.debian.org/tracker/CVE-2013-7089), [Gentoo GLSA](http://security.gentoo.org/glsa/glsa-201405-08.xml).
- collector/security-tracker-debian
- collector/nvd-index
- package-manager/debian
- vendor/clamav
- canonical/clamav clamav
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/17
- version/fedoraproject fedora/18