CVE-2021-1405Classic Buffer Overflow in Cisco Clamav

CWE-120Classic Buffer OverflowCWE-909Missing Initialization of Resource12 documents8 sources
Severity
7.5HIGHNVD
EPSS
1.5%
top 18.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
ClamavCisco ClamavDebian Linux
Timeline
PublishedApr 8
Latest updateMay 24

Description

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process c

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

Debianclamav/clamav< 0.103.2+dfsg-1+3
CVEListV5cisco/clamavunspecified0.103.1
NVDclamav/clamav0.103.1

Also affects: Debian Linux 9.0

🔴Vulnerability Details

6
GHSA
GHSA-8r66-4vx2-hf6v: A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 02022-05-24
OSV
clamav regression2021-05-03
OSV
clamav vulnerabilities2021-04-20
OSV
clamav vulnerabilities2021-04-19
OSV
CVE-2021-1405: A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 02021-04-08

📋Vendor Advisories

4
Ubuntu
ClamAV vulnerabilities2021-04-20
Ubuntu
ClamAV vulnerabilities2021-04-19
Microsoft
Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability2021-04-13
Debian
CVE-2021-1405: clamav - A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software ...2021

🕵️Threat Intelligence

1
Talos
Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code execution, information disclosure2022-02-24
CVE-2021-1405 — Classic Buffer Overflow in Cisco Clamav | cvebase