7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.017 Low
EPSS
Percentile
87.7%
The vulnerability of the ClamAV antivirus software package is related to a boundary error in the module of database loading
signatures. Exploitation of the vulnerability could allow an attacker acting remotely to transfer specially crafted data to an application, cause a buffer overflow in dynamic memory, and execute arbitrary operations.
specially crafted data, cause a buffer overflow in dynamic memory, and execute arbitrary
code on the target system
The vulnerability in the ClamAV antivirus software package is related to a bounds error in the file parser of the
OLE2. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially
a specially crafted file to an application, cause a release error, and execute arbitrary code on the target system
A vulnerability in the ClamAV antivirus software package is related to an infinite loop in the TIFF file analyzer.
Exploitation of the vulnerability could allow an attacker acting remotely to consume all available
system resources and cause denial of service conditions
A vulnerability in the ClamAV antivirus software package is related to a memory leak in HTML file parsing. Exploitation
exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted HTML file to the antivirus software.
a specially crafted HTML file to antivirus software, cause a memory leak, and execute a denial-of-service attack.
denial of service
A vulnerability in the ClamAV antivirus software package is related to an infinite loop in the CHM file analyzer.
Exploitation of the vulnerability could allow an attacker acting remotely to consume all available
system resources and cause denial of service conditions
A vulnerability in the ClamAV antivirus software package is related to a NULL pointer dereferencing error in the scan verdict cache.
scan verdict cache. Exploitation of the vulnerability could allow an attacker acting remotely,
transmit specially crafted data to an application and perform a denial-of-service (DoS) attack
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
0.017 Low
EPSS
Percentile
87.7%