PT-2019-15255 · Cisco+3 · Clamav+3

Publicado

2019-03-28

Atualizado

2026-02-06

CVE-2019-1789

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 0.101.2

Description The issue is related to a denial of service (DoS) condition that may occur when scanning certain files, such as Windows EXE and DLL files packed with Aspack, due to inadequate bound-checking. This can lead to an out-of-bounds heap read condition.

Recommendations For ClamAV versions prior to 0.101.2, update to version 0.101.2 or later to resolve the issue. As a temporary workaround, consider restricting the scanning of potentially malicious or packed files until the update is applied.

Correção

DoS

Out of bounds Read

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-20

Identificadores relacionados

ALT-PU-2019-1538

CLEANSTART-2026-LA13761

CLEANSTART-2026-NJ87139

CLEANSTART-2026-TC95380

CLEANSTART-2026-WX01708

CVE-2019-1789

DLA-1759-1

MGASA-2019-0162

OPENSUSE-SU-2019:1210-1

OPENSUSE-SU-2019_1208-1

OPENSUSE-SU-2019_1210-1

OPENSUSE-SU-2020:2268-1

OPENSUSE-SU-2020:2276-1

OPENSUSE-SU-2020_2268-1

OPENSUSE-SU-2020_2276-1

OPENSUSE-SU-2024:10685-1

SUSE-SU-2019:0861-1

SUSE-SU-2019:0897-1

SUSE-SU-2019:14015-1

SUSE-SU-2019_14015-1

SUSE-SU-2020:3790-1

USN-3940-1

USN-3940-2

Produtos afetados

Alt Linux

Clamav

Suse

Ubuntu

PT-2019-15255 · Cisco+3 · Clamav+3

CVE-2019-1789

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 177