Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-1252 (GCVE-0-2021-1252)
Vulnerability from cvelistv5 – Published: 2021-04-08 04:25 – Updated: 2024-11-08 23:25
VLAI
EPSS
Title
Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
Summary
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
Severity
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://blog.clamav.net/2021/04/clamav-01032-secu… | vendor-advisoryx_refsource_CISCO |
Date Public
2021-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:02:36.719227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:25:50.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ClamAV",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "0.103.0"
},
{
"status": "affected",
"version": "0.103.1"
}
]
}
],
"datePublic": "2021-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T04:25:10.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
},
"title": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-04-08T12:08:00.000Z",
"ID": "CVE-2021-1252",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.103.0"
},
{
"version_affected": "=",
"version_value": "0.103.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
]
},
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1252",
"datePublished": "2021-04-08T04:25:10.891Z",
"dateReserved": "2020-11-13T00:00:00.000Z",
"dateUpdated": "2024-11-08T23:25:50.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-1252",
"date": "2026-05-29",
"epss": "0.00604",
"percentile": "0.69908"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-1252\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2021-04-08T05:15:12.237\",\"lastModified\":\"2024-11-21T05:43:55.940\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de macros Excel XLM en Clam AntiVirus (ClamAV) versiones 0.103.0 y 0.103.1 del software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un manejo inapropiado de errores que puede resultar en un bucle infinito.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo de Excel dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV se bloquee, resultando en una condici\u00f3n de denegaci\u00f3n de servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C776BACB-EE82-4BE9-86C9-C20732E42E7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E389C4-E99E-464E-9466-02204167FEB4\"}]}]}],\"references\":[{\"url\":\"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T16:02:56.276Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-1252\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T20:02:36.719227Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T20:10:04.456Z\"}}], \"cna\": {\"title\": \"Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability\", \"source\": {\"advisory\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"ClamAV\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.103.0\"}, {\"status\": \"affected\", \"version\": \"0.103.1\"}]}], \"datePublic\": \"2021-04-08T00:00:00.000Z\", \"references\": [{\"url\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2021-04-08T04:25:10.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"advisory\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"0.103.0\", \"version_affected\": \"=\"}, {\"version_value\": \"0.103.1\", \"version_affected\": \"=\"}]}, \"product_name\": \"ClamAV\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"name\": \"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20 Improper Input Validation\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-1252\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2021-04-08T12:08:00.000Z\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-1252\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-08T23:25:50.669Z\", \"dateReserved\": \"2020-11-13T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2021-04-08T04:25:10.891Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Уязвимость модуля анализа макросов Excel XLM пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость модуля анализа макросов Excel XLM пакета антивирусных программ ClamAV существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании
Severity
Vendor
Canonical Ltd., Сообщество свободного программного обеспечения, Novell Inc., ООО «Ред Софт», The ClamAV Team, АО «ИВК»
Software Name
Ubuntu, Debian GNU/Linux, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, SUSE Linux Enterprise Point of Sale, SUSE OpenStack Cloud, SUSE Enterprise Storage, РЕД ОС (запись в едином реестре российских программ №3751), HPE Helion Openstack, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, OpenSUSE Leap, SUSE CaaS Platform, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Clam Antivirus, Альт 8 СП (запись в едином реестре российских программ №4305)
Software Version
16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 12 SP2-BCL (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP2-BCL (Suse Linux Enterprise Server), 11 SP3 (SUSE Linux Enterprise Point of Sale), 15 (SUSE Linux Enterprise Server for SAP Applications), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 11 SP4-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP3-LTSS (Suse Linux Enterprise Server), 14.04 ESM (Ubuntu), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 12 SP5 (Suse Linux Enterprise Server), 12 SP3-BCL (SUSE Linux Enterprise Server for SAP Applications), 12 SP3-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), Crowbar 8 (SUSE OpenStack Cloud), 10 (Debian GNU/Linux), 6 (SUSE Enterprise Storage), 7.2 Муром (РЕД ОС), 8 (HPE Helion Openstack), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP3-ESPOS (SUSE Linux Enterprise Server for SAP Applications), 9 (SUSE OpenStack Cloud), 15-ESPOS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), Crowbar 9 (SUSE OpenStack Cloud), 15 SP2 (SUSE Linux Enterprise Module for Basesystem), 20.04 LTS (Ubuntu), 20.10 (Ubuntu), 15.2 (OpenSUSE Leap), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP4-ESPOS (SUSE Linux Enterprise Server for SAP Applications), 4.0 (SUSE CaaS Platform), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP1-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 0.103.0 (Clam Antivirus), 0.103.1 (Clam Antivirus), 15 SP3 (SUSE Linux Enterprise Module for Basesystem), 12 SP2-LTSS-ERICSSON (Suse Linux Enterprise Server), 12 SP2-LTSS-SAP (Suse Linux Enterprise Server), 12 SP2-LTSS-ERICSSON (SUSE Linux Enterprise Server for SAP Applications), 12 SP2-LTSS-SAP (SUSE Linux Enterprise Server for SAP Applications), - (Альт 8 СП)
Possible Mitigations
Использование рекомендаций:
Для ClamAV:
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2021-1252
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2021-1252/
Для Ubuntu:
https://ubuntu.com/security/notices/USN-4918-1
https://ubuntu.com/security/notices/USN-4918-2
Для РЕД ОС:
https://redos.red-soft.ru/updatesec/
Для ОС Альт 8 СП:
Обновление программного обеспечения до актуальной версии
Reference
https://altsp.su/obnovleniya-bezopasnosti/
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
https://redos.red-soft.ru/updatesec/
https://security-tracker.debian.org/tracker/CVE-2021-1252
https://ubuntu.com/security/notices/USN-4918-1
https://ubuntu.com/security/notices/USN-4918-2
https://www.suse.com/security/cve/CVE-2021-1252/
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, The ClamAV Team, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 12 SP2-BCL (SUSE Linux Enterprise Server for SAP Applications), 12 SP3 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP2-BCL (Suse Linux Enterprise Server), 11 SP3 (SUSE Linux Enterprise Point of Sale), 15 (SUSE Linux Enterprise Server for SAP Applications), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 11 SP4-LTSS (Suse Linux Enterprise Server), 11 SP4-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP3-LTSS (Suse Linux Enterprise Server), 14.04 ESM (Ubuntu), 8 (SUSE OpenStack Cloud), 12 SP3-BCL (Suse Linux Enterprise Server), 12 SP5 (Suse Linux Enterprise Server), 12 SP3-BCL (SUSE Linux Enterprise Server for SAP Applications), 12 SP3-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), Crowbar 8 (SUSE OpenStack Cloud), 10 (Debian GNU/Linux), 6 (SUSE Enterprise Storage), 7.2 \u041c\u0443\u0440\u043e\u043c (\u0420\u0415\u0414 \u041e\u0421), 8 (HPE Helion Openstack), 12 SP3-ESPOS (Suse Linux Enterprise Server), 12 SP3-ESPOS (SUSE Linux Enterprise Server for SAP Applications), 9 (SUSE OpenStack Cloud), 15-ESPOS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (SUSE Linux Enterprise High Performance Computing), 15-LTSS (Suse Linux Enterprise Server), Crowbar 9 (SUSE OpenStack Cloud), 15 SP2 (SUSE Linux Enterprise Module for Basesystem), 20.04 LTS (Ubuntu), 20.10 (Ubuntu), 15.2 (OpenSUSE Leap), 12 SP4-ESPOS (Suse Linux Enterprise Server), 12 SP4-LTSS (SUSE Linux Enterprise Server for SAP Applications), 12 SP4-ESPOS (SUSE Linux Enterprise Server for SAP Applications), 4.0 (SUSE CaaS Platform), 12 SP4-LTSS (Suse Linux Enterprise Server), 15 SP1-BCL (Suse Linux Enterprise Server), 15 SP1-LTSS (Suse Linux Enterprise Server), 15 SP1-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP1-ESPOS (SUSE Linux Enterprise High Performance Computing), 4.0 (SUSE Manager Proxy), 4.0 (SUSE Manager Retail Branch Server), 4.0 (SUSE Manager Server), 0.103.0 (Clam Antivirus), 0.103.1 (Clam Antivirus), 15 SP3 (SUSE Linux Enterprise Module for Basesystem), 12 SP2-LTSS-ERICSSON (Suse Linux Enterprise Server), 12 SP2-LTSS-SAP (Suse Linux Enterprise Server), 12 SP2-LTSS-ERICSSON (SUSE Linux Enterprise Server for SAP Applications), 12 SP2-LTSS-SAP (SUSE Linux Enterprise Server for SAP Applications), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f ClamAV:\nhttps://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-1252\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2021-1252/\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-4918-1\nhttps://ubuntu.com/security/notices/USN-4918-2\n\n\u0414\u043b\u044f \u0420\u0415\u0414 \u041e\u0421:\nhttps://redos.red-soft.ru/updatesec/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.04.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.04.2022",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "27.04.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-02219",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-1252",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, SUSE Linux Enterprise Point of Sale, SUSE OpenStack Cloud, SUSE Enterprise Storage, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), HPE Helion Openstack, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, OpenSUSE Leap, SUSE CaaS Platform, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, Clam Antivirus, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP1 , Novell Inc. Suse Linux Enterprise Server 11 SP4-LTSS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 11 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP3-LTSS , Canonical Ltd. Ubuntu 14.04 ESM , Novell Inc. Suse Linux Enterprise Server 12 SP3-BCL , Novell Inc. Suse Linux Enterprise Server 12 SP5 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.2 \u041c\u0443\u0440\u043e\u043c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Novell Inc. Suse Linux Enterprise Server 12 SP3-ESPOS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS , Novell Inc. Suse Linux Enterprise Server 15-LTSS , Canonical Ltd. Ubuntu 20.04 LTS , Canonical Ltd. Ubuntu 20.10 , Novell Inc. OpenSUSE Leap 15.2 , Novell Inc. Suse Linux Enterprise Server 12 SP4-ESPOS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4-ESPOS , Novell Inc. Suse Linux Enterprise Server 12 SP4-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP1-BCL , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS-ERICSSON , Novell Inc. Suse Linux Enterprise Server 12 SP2-LTSS-SAP , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS-ERICSSON , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS-SAP ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 Excel XLM \u043f\u0430\u043a\u0435\u0442\u0430 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c ClamAV, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 Excel XLM \u043f\u0430\u043a\u0435\u0442\u0430 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c ClamAV \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://altsp.su/obnovleniya-bezopasnosti/\nhttps://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html\nhttps://redos.red-soft.ru/updatesec/\nhttps://security-tracker.debian.org/tracker/CVE-2021-1252\nhttps://ubuntu.com/security/notices/USN-4918-1\nhttps://ubuntu.com/security/notices/USN-4918-2\nhttps://www.suse.com/security/cve/CVE-2021-1252/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
cleanstart-2026-la13761
Vulnerability from cleanstart
Published
2026-01-30 14:05
Modified
2026-01-29 18:58
Summary
vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Details
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "clamav"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LA13761",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:05:50.594365Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LA13761"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20328"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20328"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device",
"upstream": [
"CVE-2017-11423",
"CVE-2017-12374",
"CVE-2017-12375",
"CVE-2017-12376",
"CVE-2017-12377",
"CVE-2017-12378",
"CVE-2017-12379",
"CVE-2017-12380",
"CVE-2017-16932",
"CVE-2017-6419",
"CVE-2018-0202",
"CVE-2018-0360",
"CVE-2018-0361",
"CVE-2018-1000085",
"CVE-2018-14680",
"CVE-2018-14681",
"CVE-2018-14682",
"CVE-2019-12625",
"CVE-2019-15961",
"CVE-2019-1787",
"CVE-2019-1788",
"CVE-2019-1789",
"CVE-2020-3123",
"CVE-2020-3327",
"CVE-2020-3341",
"CVE-2020-3350",
"CVE-2020-3481",
"CVE-2021-1252",
"CVE-2021-1404",
"CVE-2021-1405",
"CVE-2022-20698",
"CVE-2022-48579",
"CVE-2023-20052",
"CVE-2023-20197",
"CVE-2024-20290",
"CVE-2024-20328"
]
}
cleanstart-2026-nj87139
Vulnerability from cleanstart
Published
2026-01-30 14:17
Modified
2026-01-29 18:58
Summary
vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Details
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "clamav"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NJ87139",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:17:21.473350Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NJ87139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20328"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20328"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device",
"upstream": [
"CVE-2017-11423",
"CVE-2017-12374",
"CVE-2017-12375",
"CVE-2017-12376",
"CVE-2017-12377",
"CVE-2017-12378",
"CVE-2017-12379",
"CVE-2017-12380",
"CVE-2017-16932",
"CVE-2017-6419",
"CVE-2018-0202",
"CVE-2018-0360",
"CVE-2018-0361",
"CVE-2018-1000085",
"CVE-2018-14680",
"CVE-2018-14681",
"CVE-2018-14682",
"CVE-2019-12625",
"CVE-2019-15961",
"CVE-2019-1787",
"CVE-2019-1788",
"CVE-2019-1789",
"CVE-2020-3123",
"CVE-2020-3327",
"CVE-2020-3341",
"CVE-2020-3350",
"CVE-2020-3481",
"CVE-2021-1252",
"CVE-2021-1404",
"CVE-2021-1405",
"CVE-2022-20698",
"CVE-2022-48579",
"CVE-2023-20052",
"CVE-2023-20197",
"CVE-2024-20290",
"CVE-2024-20328"
]
}
cleanstart-2026-tc95380
Vulnerability from cleanstart
Published
2026-02-06 01:06
Modified
2026-02-03 13:35
Summary
vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Details
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "clamav"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TC95380",
"modified": "2026-02-03T13:35:45Z",
"published": "2026-02-06T01:06:01.062694Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TC95380"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20328"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20328"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device",
"upstream": [
"CVE-2017-11423",
"CVE-2017-12374",
"CVE-2017-12375",
"CVE-2017-12376",
"CVE-2017-12377",
"CVE-2017-12378",
"CVE-2017-12379",
"CVE-2017-12380",
"CVE-2017-16932",
"CVE-2017-6419",
"CVE-2018-0202",
"CVE-2018-0360",
"CVE-2018-0361",
"CVE-2018-1000085",
"CVE-2018-14680",
"CVE-2018-14681",
"CVE-2018-14682",
"CVE-2019-12625",
"CVE-2019-15961",
"CVE-2019-1787",
"CVE-2019-1788",
"CVE-2019-1789",
"CVE-2020-3123",
"CVE-2020-3327",
"CVE-2020-3341",
"CVE-2020-3350",
"CVE-2020-3481",
"CVE-2021-1252",
"CVE-2021-1404",
"CVE-2021-1405",
"CVE-2022-20698",
"CVE-2022-48579",
"CVE-2023-20052",
"CVE-2023-20197",
"CVE-2024-20290",
"CVE-2024-20328"
]
}
cleanstart-2026-wx01708
Vulnerability from cleanstart
Published
2026-02-06 01:10
Modified
2026-02-03 13:35
Summary
vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Details
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "clamav"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-WX01708",
"modified": "2026-02-03T13:35:45Z",
"published": "2026-02-06T01:10:02.024980Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WX01708.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-20328"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11423"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12374"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12375"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12376"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12378"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12379"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12380"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0202"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0360"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0361"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000085"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14680"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14681"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14682"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12625"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1787"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1788"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1789"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3123"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3327"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3341"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3350"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3481"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1404"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20698"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20052"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20197"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20290"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20328"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device",
"upstream": [
"CVE-2017-11423",
"CVE-2017-12374",
"CVE-2017-12375",
"CVE-2017-12376",
"CVE-2017-12377",
"CVE-2017-12378",
"CVE-2017-12379",
"CVE-2017-12380",
"CVE-2017-16932",
"CVE-2017-6419",
"CVE-2018-0202",
"CVE-2018-0360",
"CVE-2018-0361",
"CVE-2018-1000085",
"CVE-2018-14680",
"CVE-2018-14681",
"CVE-2018-14682",
"CVE-2019-12625",
"CVE-2019-15961",
"CVE-2019-1787",
"CVE-2019-1788",
"CVE-2019-1789",
"CVE-2020-3123",
"CVE-2020-3327",
"CVE-2020-3341",
"CVE-2020-3350",
"CVE-2020-3481",
"CVE-2021-1252",
"CVE-2021-1404",
"CVE-2021-1405",
"CVE-2022-20698",
"CVE-2022-48579",
"CVE-2023-20052",
"CVE-2023-20197",
"CVE-2024-20290",
"CVE-2024-20328"
]
}
Title
Clam AntiVirus无限循环漏洞
Description
Clam AntiVirus(ClamAV)是一个类UNIX系统上使用的反病毒软件包。主要应用于邮件服务器,采用多线程后台操作,可以自动升级病毒库。
Clam AntiVirus 0.103.0、0.103.1版中的Excel XLM宏分析模块存在无限循环漏洞。该漏洞源于错误处理不当。攻击者可通过将特制Excel文件发送到受影响的设备利用该漏洞导致ClamAV扫描进程崩溃,从而可导致拒绝服务。
Severity
高
Patch Name
Clam AntiVirus无限循环漏洞的补丁
Patch Description
Clam AntiVirus(ClamAV)是一个类UNIX系统上使用的反病毒软件包。主要应用于邮件服务器,采用多线程后台操作,可以自动升级病毒库。
Clam AntiVirus 0.103.0、0.103.1版中的Excel XLM宏分析模块存在无限循环漏洞。该漏洞源于错误处理不当。攻击者可通过将特制Excel文件发送到受影响的设备利用该漏洞导致ClamAV扫描进程崩溃,从而可导致拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-1252
Impacted products
| Name | ['ClamAV Clamav 0.103.0', 'ClamAV Clamav 0.103.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-1252",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
}
},
"description": "Clam AntiVirus\uff08ClamAV\uff09\u662f\u4e00\u4e2a\u7c7bUNIX\u7cfb\u7edf\u4e0a\u4f7f\u7528\u7684\u53cd\u75c5\u6bd2\u8f6f\u4ef6\u5305\u3002\u4e3b\u8981\u5e94\u7528\u4e8e\u90ae\u4ef6\u670d\u52a1\u5668\uff0c\u91c7\u7528\u591a\u7ebf\u7a0b\u540e\u53f0\u64cd\u4f5c\uff0c\u53ef\u4ee5\u81ea\u52a8\u5347\u7ea7\u75c5\u6bd2\u5e93\u3002\n\nClam AntiVirus 0.103.0\u30010.103.1\u7248\u4e2d\u7684Excel XLM\u5b8f\u5206\u6790\u6a21\u5757\u5b58\u5728\u65e0\u9650\u5faa\u73af\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u9519\u8bef\u5904\u7406\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c06\u7279\u5236Excel\u6587\u4ef6\u53d1\u9001\u5230\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4ClamAV\u626b\u63cf\u8fdb\u7a0b\u5d29\u6e83\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-28300",
"openTime": "2021-04-15",
"patchDescription": "Clam AntiVirus\uff08ClamAV\uff09\u662f\u4e00\u4e2a\u7c7bUNIX\u7cfb\u7edf\u4e0a\u4f7f\u7528\u7684\u53cd\u75c5\u6bd2\u8f6f\u4ef6\u5305\u3002\u4e3b\u8981\u5e94\u7528\u4e8e\u90ae\u4ef6\u670d\u52a1\u5668\uff0c\u91c7\u7528\u591a\u7ebf\u7a0b\u540e\u53f0\u64cd\u4f5c\uff0c\u53ef\u4ee5\u81ea\u52a8\u5347\u7ea7\u75c5\u6bd2\u5e93\u3002\r\n\r\nClam AntiVirus 0.103.0\u30010.103.1\u7248\u4e2d\u7684Excel XLM\u5b8f\u5206\u6790\u6a21\u5757\u5b58\u5728\u65e0\u9650\u5faa\u73af\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u9519\u8bef\u5904\u7406\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5c06\u7279\u5236Excel\u6587\u4ef6\u53d1\u9001\u5230\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4ClamAV\u626b\u63cf\u8fdb\u7a0b\u5d29\u6e83\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Clam AntiVirus\u65e0\u9650\u5faa\u73af\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"ClamAV Clamav 0.103.0",
"ClamAV Clamav 0.103.1"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252",
"serverity": "\u9ad8",
"submitTime": "2021-04-09",
"title": "Clam AntiVirus\u65e0\u9650\u5faa\u73af\u6f0f\u6d1e"
}
FKIE_CVE-2021-1252
Vulnerability from fkie_nvd - Published: 2021-04-08 05:15 - Updated: 2024-11-21 05:43
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C776BACB-EE82-4BE9-86C9-C20732E42E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E389C4-E99E-464E-9466-02204167FEB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de macros Excel XLM en Clam AntiVirus (ClamAV) versiones 0.103.0 y 0.103.1 del software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a un manejo inapropiado de errores que puede resultar en un bucle infinito.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo de Excel dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV se bloquee, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-1252",
"lastModified": "2024-11-21T05:43:55.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-08T05:15:12.237",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5QM5-4FJV-GHCW
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-08-06 00:00
VLAI
Details
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2021-1252"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-835"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-08T05:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.",
"id": "GHSA-5qm5-4fjv-ghcw",
"modified": "2022-08-06T00:00:41Z",
"published": "2022-05-24T17:46:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1252"
},
{
"type": "WEB",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-1252
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-1252",
"description": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.",
"id": "GSD-2021-1252",
"references": [
"https://www.suse.com/security/cve/CVE-2021-1252.html",
"https://ubuntu.com/security/CVE-2021-1252",
"https://security.archlinux.org/CVE-2021-1252"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-1252"
],
"details": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.",
"id": "GSD-2021-1252",
"modified": "2023-12-13T01:23:22.784829Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-04-08T12:08:00.000Z",
"ID": "CVE-2021-1252",
"STATE": "PUBLIC",
"TITLE": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ClamAV",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.103.0"
},
{
"version_affected": "=",
"version_value": "0.103.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
]
},
"source": {
"advisory": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2021-1252"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html",
"refsource": "CISCO",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-05T17:18Z",
"publishedDate": "2021-04-08T05:15Z"
}
}
}
MSRC_CVE-2021-1252
Vulnerability from csaf_microsoft - Published: 2021-04-02 00:00 - Updated: 2023-03-10 00:00Summary
Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-1252.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2023-03-10T00:00:00.000Z",
"generator": {
"date": "2025-12-27T18:58:05.450Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-1252",
"initial_release_date": "2021-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-04-15T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2023-03-10T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 clamav 0.103.2-1",
"product": {
"name": "\u003ccm1 clamav 0.103.2-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 clamav 0.103.2-1",
"product": {
"name": "cm1 clamav 0.103.2-1",
"product_id": "16999"
}
}
],
"category": "product_name",
"name": "clamav"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 clamav 0.103.2-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 clamav 0.103.2-1 as a component of CBL Mariner 1.0",
"product_id": "16999-16820"
},
"product_reference": "16999",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-1252",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "general",
"text": "cisco",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16999-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-1252 Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-1252.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-15T00:00:00.000Z",
"details": "0.103.2-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "Clam AntiVirus (ClamAV) Excel XLM Parser Denial of Service Vulnerability"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…