Vulnerability-Lookup

CVE-2017-12377 (GCVE-0-2017-12377)

Vulnerability from cvelistv5 – Published: 2018-01-26 20:00 – Updated: 2024-12-02 21:26

Summary

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.

Severity ?

No CVSS data available.

CWE

heap overflow

Assigner

cisco

References

URL

Tags

	https://usn.ubuntu.com/3550-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3550-2/	vendor-advisoryx_refsource_UBUNTU
	https://bugzilla.clamav.net/show_bug.cgi?id=11943	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	http://blog.clamav.net/2018/01/clamav-0993-has-be…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	ClamAV AntiVirus software versions 0.99.2 and prior	Affected: ClamAV AntiVirus software versions 0.99.2 and prior

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.378Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3550-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3550-1/"
          },
          {
            "name": "USN-3550-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3550-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
          },
          {
            "name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-12377",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T19:24:17.550998Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:26:06.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ClamAV AntiVirus software versions 0.99.2 and prior",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ClamAV AntiVirus software versions 0.99.2 and prior"
            }
          ]
        }
      ],
      "datePublic": "2018-01-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "heap overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-15T09:57:02.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "USN-3550-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3550-1/"
        },
        {
          "name": "USN-3550-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3550-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
        },
        {
          "name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12377",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "heap overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3550-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3550-1/"
            },
            {
              "name": "USN-3550-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3550-2/"
            },
            {
              "name": "https://bugzilla.clamav.net/show_bug.cgi?id=11943",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
            },
            {
              "name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
            },
            {
              "name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
              "refsource": "CONFIRM",
              "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12377",
    "datePublished": "2018-01-26T20:00:00.000Z",
    "dateReserved": "2017-08-03T00:00:00.000Z",
    "dateUpdated": "2024-12-02T21:26:06.662Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://usn.ubuntu.com/3550-1/\", \"name\": \"USN-3550-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/3550-2/\", \"name\": \"USN-3550-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.clamav.net/show_bug.cgi?id=11943\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html\", \"name\": \"[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T18:36:56.378Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-12377\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-02T19:24:17.550998Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-02T19:26:37.436Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"ClamAV AntiVirus software versions 0.99.2 and prior\", \"versions\": [{\"status\": \"affected\", \"version\": \"ClamAV AntiVirus software versions 0.99.2 and prior\"}]}], \"datePublic\": \"2018-01-26T00:00:00.000Z\", \"references\": [{\"url\": \"https://usn.ubuntu.com/3550-1/\", \"name\": \"USN-3550-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://usn.ubuntu.com/3550-2/\", \"name\": \"USN-3550-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://bugzilla.clamav.net/show_bug.cgi?id=11943\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html\", \"name\": \"[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"heap overflow\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2018-03-15T09:57:02.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"ClamAV AntiVirus software versions 0.99.2 and prior\"}]}, \"product_name\": \"ClamAV AntiVirus software versions 0.99.2 and prior\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://usn.ubuntu.com/3550-1/\", \"name\": \"USN-3550-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://usn.ubuntu.com/3550-2/\", \"name\": \"USN-3550-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://bugzilla.clamav.net/show_bug.cgi?id=11943\", \"name\": \"https://bugzilla.clamav.net/show_bug.cgi?id=11943\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html\", \"name\": \"[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update\", \"refsource\": \"MLIST\"}, {\"url\": \"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\", \"name\": \"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"heap overflow\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-12377\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@cisco.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-12377\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-02T21:26:06.662Z\", \"dateReserved\": \"2017-08-03T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2018-01-26T20:00:00.000Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CVE-2017-12377

Vulnerability from fstec - Published: 26.10.2017

Title

Уязвимость функции lzma_bswap_4861dc средства антивирусной защиты Clam Antivirus, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Description

Уязвимость функции lzma_bswap_4861dc (mew.c) средства антивирусной защиты Clam Antivirus вызвана выходом операции за границы буфера в памяти при сканировании вредоносного файла. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании или выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

The ClamAV Team, АО «НТЦ ИТ РОСА»

Software Name

Clam Antivirus, РОСА Кобальт (запись в едином реестре российских программ №1999)

Software Version

до 0.99.2 включительно (Clam Antivirus), - (РОСА Кобальт)

Possible Mitigations

Использование рекомендаций: Для Clam Antivirus: https://bugzilla.clamav.net/show_bug.cgi?id=11943 Для ОС РОСА КОБАЛЬТ: http://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-03-23.003

Reference

http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html https://bugzilla.clamav.net/show_bug.cgi?id=11943 https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html http://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-03-23.003

CWE

CWE-119

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "The ClamAV Team, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 0.99.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Clam Antivirus), - (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Clam Antivirus:\nhttps://bugzilla.clamav.net/show_bug.cgi?id=11943\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \u041a\u041e\u0411\u0410\u041b\u042c\u0422:\nhttp://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-03-23.003",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "26.10.2017",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.08.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.03.2018",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-00338",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-12377",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Clam Antivirus, \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 lzma_bswap_4861dc \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b Clam Antivirus, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 lzma_bswap_4861dc (mew.c) \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b Clam Antivirus \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\nhttps://bugzilla.clamav.net/show_bug.cgi?id=11943\nhttps://lists.debian.org/debian-lts-announce/2018/01/msg00035.html\nhttp://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-03-23.003",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CNVD-2018-03236

Vulnerability from cnvd - Published: 2018-02-12

Title

ClamAV堆缓冲区溢出漏洞（CNVD-2018-03236）

Description

ClamAV AntiVirus software是ClamAV团队开发的一套免费且开源的杀毒软件。该软件用于检测木马、病毒、恶意软件和其他恶意威胁。 ClamAV AntiVirus software中的mew.c文件存在堆缓冲区溢出漏洞，该漏洞源于程序没有对mew数据文件执行正确的输入验证检测。远程攻击者可借助恶意的文件利用该漏洞造成拒绝服务或可能执行任意代码（堆缓冲区越边界读取）。

Severity

高

Patch Name

ClamAV堆缓冲区溢出漏洞（CNVD-2018-03236）的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Reference

http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html https://bugzilla.clamav.net/show_bug.cgi?id=11943 https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html

Impacted products

Name
Clamav clamav <=0.99.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12377"
    }
  },
  "description": "ClamAV AntiVirus software\u662fClamAV\u56e2\u961f\u5f00\u53d1\u7684\u4e00\u5957\u514d\u8d39\u4e14\u5f00\u6e90\u7684\u6740\u6bd2\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u7528\u4e8e\u68c0\u6d4b\u6728\u9a6c\u3001\u75c5\u6bd2\u3001\u6076\u610f\u8f6f\u4ef6\u548c\u5176\u4ed6\u6076\u610f\u5a01\u80c1\u3002\r\n\r\nClamAV AntiVirus software\u4e2d\u7684mew.c\u6587\u4ef6\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u5bf9mew\u6570\u636e\u6587\u4ef6\u6267\u884c\u6b63\u786e\u7684\u8f93\u5165\u9a8c\u8bc1\u68c0\u6d4b\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u6076\u610f\u7684\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u53ef\u80fd\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff08\u5806\u7f13\u51b2\u533a\u8d8a\u8fb9\u754c\u8bfb\u53d6\uff09\u3002",
  "discovererName": "Suleman Ali",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03236",
  "openTime": "2018-02-12",
  "patchDescription": "ClamAV AntiVirus software\u662fClamAV\u56e2\u961f\u5f00\u53d1\u7684\u4e00\u5957\u514d\u8d39\u4e14\u5f00\u6e90\u7684\u6740\u6bd2\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u7528\u4e8e\u68c0\u6d4b\u6728\u9a6c\u3001\u75c5\u6bd2\u3001\u6076\u610f\u8f6f\u4ef6\u548c\u5176\u4ed6\u6076\u610f\u5a01\u80c1\u3002\r\n\r\nClamAV AntiVirus software\u4e2d\u7684mew.c\u6587\u4ef6\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u5bf9mew\u6570\u636e\u6587\u4ef6\u6267\u884c\u6b63\u786e\u7684\u8f93\u5165\u9a8c\u8bc1\u68c0\u6d4b\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u6076\u610f\u7684\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u53ef\u80fd\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff08\u5806\u7f13\u51b2\u533a\u8d8a\u8fb9\u754c\u8bfb\u53d6\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ClamAV\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2018-03236\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Clamav clamav \u003c=0.99.2"
  },
  "referenceLink": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html\r\nhttps://bugzilla.clamav.net/show_bug.cgi?id=11943\r\nhttps://lists.debian.org/debian-lts-announce/2018/01/msg00035.html",
  "serverity": "\u9ad8",
  "submitTime": "2018-01-29",
  "title": "ClamAV\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2018-03236\uff09"
}

cleanstart-2026-wx01708

Vulnerability from cleanstart

Published

2026-02-06 01:10

Modified

2026-02-03 13:35

Summary

vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device

Details

Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "clamav"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.2-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-WX01708",
  "modified": "2026-02-03T13:35:45Z",
  "published": "2026-02-06T01:10:02.024980Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WX01708.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-11423"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12374"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12375"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12376"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12377"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12378"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12379"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-12380"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-16932"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2017-6419"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0202"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0360"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-0361"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-1000085"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14680"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14681"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2018-14682"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-12625"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-15961"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-1787"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-1788"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-1789"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-3123"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-3327"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-3341"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-3350"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-3481"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-1252"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-1404"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-1405"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-20698"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-48579"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-20052"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-20197"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-20290"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-20328"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11423"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12374"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12375"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12376"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12378"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12379"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12380"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6419"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0202"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0360"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0361"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14680"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14681"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14682"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12625"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1787"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1788"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1789"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3123"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3327"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3341"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3350"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3481"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1404"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1405"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20698"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48579"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20052"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20197"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20328"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device",
  "upstream": [
    "CVE-2017-11423",
    "CVE-2017-12374",
    "CVE-2017-12375",
    "CVE-2017-12376",
    "CVE-2017-12377",
    "CVE-2017-12378",
    "CVE-2017-12379",
    "CVE-2017-12380",
    "CVE-2017-16932",
    "CVE-2017-6419",
    "CVE-2018-0202",
    "CVE-2018-0360",
    "CVE-2018-0361",
    "CVE-2018-1000085",
    "CVE-2018-14680",
    "CVE-2018-14681",
    "CVE-2018-14682",
    "CVE-2019-12625",
    "CVE-2019-15961",
    "CVE-2019-1787",
    "CVE-2019-1788",
    "CVE-2019-1789",
    "CVE-2020-3123",
    "CVE-2020-3327",
    "CVE-2020-3341",
    "CVE-2020-3350",
    "CVE-2020-3481",
    "CVE-2021-1252",
    "CVE-2021-1404",
    "CVE-2021-1405",
    "CVE-2022-20698",
    "CVE-2022-48579",
    "CVE-2023-20052",
    "CVE-2023-20197",
    "CVE-2024-20290",
    "CVE-2024-20328"
  ]
}

FKIE_CVE-2017-12377

Vulnerability from fkie_nvd - Published: 2018-01-26 20:29 - Updated: 2024-11-21 03:09

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html	Release Notes, Vendor Advisory
psirt@cisco.com	https://bugzilla.clamav.net/show_bug.cgi?id=11943	Exploit, Issue Tracking, Vendor Advisory
psirt@cisco.com	https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html	Mailing List, Third Party Advisory
psirt@cisco.com	https://usn.ubuntu.com/3550-1/
psirt@cisco.com	https://usn.ubuntu.com/3550-2/
af854a3a-2127-422b-91ae-364da2661108	http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.clamav.net/show_bug.cgi?id=11943	Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3550-1/
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/3550-2/

Impacted products

	Vendor	Product	Version
	debian	debian_linux	7.0
	clamav	clamav	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EBE6567-EA27-4686-9351-EA1097D52D5D",
              "versionEndIncluding": "0.99.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
    },
    {
      "lang": "es",
      "value": "ClamAV AntiVirus, en versiones 0.99.2 y anteriores, contiene una vulnerabilidad que podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) o ejecute c\u00f3digo arbitrario en un sistema afectado. La vulnerabilidad se debe a errores en los mecanismos de comprobaci\u00f3n de validaci\u00f3n de entradas en archivos mew packet enviados a un dispositivo afectado. Un exploit con \u00e9xito podr\u00eda provocar una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en mew.c cuando ClamAV escanea el archivo malicioso, permitiendo que el atacante cree una condici\u00f3n de DoS o ejecute c\u00f3digo arbitrario en el dispositivo afectado."
    }
  ],
  "id": "CVE-2017-12377",
  "lastModified": "2024-11-21T03:09:25.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-26T20:29:00.487",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://usn.ubuntu.com/3550-1/"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://usn.ubuntu.com/3550-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/3550-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/3550-2/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-7JPJ-M78Q-VR62

Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2022-05-13 01:42

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-12377"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-26T20:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.",
  "id": "GHSA-7jpj-m78q-vr62",
  "modified": "2022-05-13T01:42:39Z",
  "published": "2022-05-13T01:42:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3550-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3550-2"
    },
    {
      "type": "WEB",
      "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-12377

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-12377

Aliases

CVE-2017-12377

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-12377",
    "description": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.",
    "id": "GSD-2017-12377",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-12377.html",
      "https://ubuntu.com/security/CVE-2017-12377",
      "https://advisories.mageia.org/CVE-2017-12377.html",
      "https://security.archlinux.org/CVE-2017-12377",
      "https://alas.aws.amazon.com/cve/html/CVE-2017-12377.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-12377"
      ],
      "details": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.",
      "id": "GSD-2017-12377",
      "modified": "2023-12-13T01:21:03.820753Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2017-12377",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ClamAV AntiVirus software versions 0.99.2 and prior",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "ClamAV AntiVirus software versions 0.99.2 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "heap overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "USN-3550-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/3550-1/"
          },
          {
            "name": "USN-3550-2",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/3550-2/"
          },
          {
            "name": "https://bugzilla.clamav.net/show_bug.cgi?id=11943",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
          },
          {
            "name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
          },
          {
            "name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
            "refsource": "CONFIRM",
            "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.99.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12377"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.clamav.net/show_bug.cgi?id=11943",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.clamav.net/show_bug.cgi?id=11943"
            },
            {
              "name": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"
            },
            {
              "name": "[debian-lts-announce] 20180128 [SECURITY] [DLA 1261-1] clamav security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"
            },
            {
              "name": "USN-3550-2",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/3550-2/"
            },
            {
              "name": "USN-3550-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/3550-1/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-01-26T20:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-12377 (GCVE-0-2017-12377)

CVE-2017-12377

CNVD-2018-03236

cleanstart-2026-wx01708

Vulnerability from cleanstart

FKIE_CVE-2017-12377

GHSA-7JPJ-M78Q-VR62

GSD-2017-12377

Tags

Sightings

Nomenclature