CVE-2004-1909 — Anti-virus Clamav vulnerability

6 documents6 sources

Severity

2.6LOWNVD

EPSS

1.1%

top 21.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clamav Clam Anti-virus Clamav

Timeline

PublishedDec 31

Latest updateApr 29

Description

Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDclam_anti-virus/clamav0.65, 0.67+1

▶Debianclamav/clamav< 0.68.1+3

Patches

Patch: secunia.com ↗Patch: security.gentoo.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5c7m-cf2v-r6qf: Claim Anti-Virus (ClamAV) 0↗2022-04-29

▶

CVEList

CVE-2004-1909: Claim Anti-Virus (ClamAV) 0↗2005-05-10

▶

OSV

CVE-2004-1909: Claim Anti-Virus (ClamAV) 0↗2004-12-31

▶

📋Vendor Advisories

Debian

CVE-2004-1909: clamav - Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a de...↗2004

▶

🕵️Threat Intelligence

Unit42

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350↗2020-07-21

▶