Vulnerability CVE-2019-1787


Published: 2019-04-08

Description:
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.

Type:

CWE-125

(Out-of-bounds Read)

Vendor: Debian
Product: Debian linux 
Version: 8.0;
Vendor: Opensuse
Product: LEAP 
Version: 42.3; 15.0;
Vendor: Clamav
Product: Clamav 
Version: 0.101.1;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181
https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html
https://security.gentoo.org/glsa/201904-12

Related CVE
CVE-2013-7087
ClamAV before 0.97.7 has WWPack corrupt heap memory
CVE-2013-7088
ClamAV before 0.97.7 has buffer overflow in the libclamav component
CVE-2013-7089
ClamAV before 0.97.7: dbg_printhex possible information leak
CVE-2007-6745
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
CVE-2007-0899
There is a possible heap overflow in libclamav/fsg.c before 0.100.0.
CVE-2019-12625
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.
CVE-2019-1798
A vulnerability in the Portable Executable (PE) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. T...
CVE-2019-1788
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected ...

Copyright 2019, cxsecurity.com

 

Back to Top