On Feb 15 2023 the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier 0.105.1 and earlier and 0.103.7 and earlier could allow an unauthenticated remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.

🗓️ 01 Mar 2023 08:00:00Reported by MicrosoftType

ClamAV DMG parser flaw enables unauthenticated remote data leakage via XML external entity injection from crafted DMG files.

Reporter	Title	Published	Views	Family All 77
GithubExploit	Exploit for XML Entity Expansion in Cisco Secure_Endpoint	16 May 202617:00	–	githubexploit
GithubExploit	Exploit for Use After Free in Autodesk 3Ds_Max	8 May 202318:34	–	githubexploit
GithubExploit	Exploit for XML Entity Expansion in Cisco Secure_Endpoint	14 Feb 202617:00	–	githubexploit
GithubExploit	Exploit for Improper Restriction of XML External Entity Reference in Cisco Secure_Endpoint	7 Apr 202605:08	–	githubexploit
GithubExploit	Exploit for XML Entity Expansion in Cisco Secure_Endpoint	8 May 202318:34	–	githubexploit
ALT Linux	Security fix for the ALT Linux 9 package clamav version 0.103.8-alt1	17 Mar 202300:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package clamav version 0.103.8-alt1	27 Mar 202300:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package clamav version 0.103.8-alt1	15 Mar 202300:00	–	altlinux
Tenable Nessus	Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-112)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : clamav (ALAS-2023-1964)	23 Feb 202300:00	–	nessus