ClamAV versions 0.101.2 Out-of-bounds Read Vulnerability

Summary

ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability.

Credit:

The information has been provided by Micah Snyder 

The original article can be found at:https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html


Details

An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.

 

Vulnerable Systems:

ClamAV versions prior to 0.101.2 

 

CVE Information:

CVE-2019-1789

 

Disclosure Timeline:
Published Date:11/5/2019