cbcvebase.
CVE-2019-1785
published 2019-04-08

CVE-2019-1785: A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote…

PriorityP343high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
1.80%
75.8th percentile
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.

Affected

10 ranges
VendorProductVersion rangeFixed in
ciscoclamav
ciscoclamav
clamavclamav
clamavclamav
clamavclamav>= 0 < 0.101.2+dfsg-10.101.2+dfsg-1
clamavclamav>= 0 < 0.101.2+dfsg-10.101.2+dfsg-1
clamavclamav>= 0 < 0.101.2+dfsg-10.101.2+dfsg-1
clamavclamav>= 0 < 0.101.2+dfsg-10.101.2+dfsg-1
debianclamav< clamav 0.101.2+dfsg-1 (bookworm)clamav 0.101.2+dfsg-1 (bookworm)
debianlibclamunrar< clamav 0.101.2+dfsg-1 (bookworm)clamav 0.101.2+dfsg-1 (bookworm)

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.