SecuriTricks - CVE-2024-20505

Description

A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.

Product(s) Impacted

Vendor	Product	Versions
Clamav	Clamav	*, 1.4.0

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	clamav	clamav	/	/	/	/	/	/	/	/
a	clamav	clamav	/	/	/	/	/	/	/	/
a	clamav	clamav	/	/	/	/	/	/	/	/
a	clamav	clamav	1.4.0	/	/	/	/	/	/	/

References

https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

CVSS Score

7.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

View Vector String

Timeline

Published: Sept. 4, 2024, 10:15 p.m.
Last Modified: Sept. 12, 2024, 5:28 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

ykramarz@cisco.com

CVE-2024-20505