PT-2019-15255 · Cisco+3 · Clamav+3

Published

2019-03-28

Updated

2026-02-06

CVE-2019-1789

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions ClamAV versions prior to 0.101.2

Description The issue is related to a denial of service (DoS) condition that may occur when scanning certain files, such as Windows EXE and DLL files packed with Aspack, due to inadequate bound-checking. This can lead to an out-of-bounds heap read condition.

Recommendations For ClamAV versions prior to 0.101.2, update to version 0.101.2 or later to resolve the issue. As a temporary workaround, consider restricting the scanning of potentially malicious or packed files until the update is applied.

Fix

DoS

Out of bounds Read

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-20

Related Identifiers

ALT-PU-2019-1538

CLEANSTART-2026-LA13761

CLEANSTART-2026-NJ87139

CLEANSTART-2026-TC95380

CLEANSTART-2026-WX01708

CVE-2019-1789

DLA-1759-1

MGASA-2019-0162

OPENSUSE-SU-2019:1210-1

OPENSUSE-SU-2019_1208-1

OPENSUSE-SU-2019_1210-1

OPENSUSE-SU-2020:2268-1

OPENSUSE-SU-2020:2276-1

OPENSUSE-SU-2020_2268-1

OPENSUSE-SU-2020_2276-1

OPENSUSE-SU-2024:10685-1

SUSE-SU-2019:0861-1

SUSE-SU-2019:0897-1

SUSE-SU-2019:14015-1

SUSE-SU-2019_14015-1

SUSE-SU-2020:3790-1

USN-3940-1

USN-3940-2

Affected Products

Alt Linux

Clamav

Suse

Ubuntu

PT-2019-15255 · Cisco+3 · Clamav+3

CVE-2019-1789

Weakness Enumeration

Related Identifiers

Affected Products

References · 177