Denial of Service Vulnerability in ClamAV by Cisco
CVE-2018-0202

5.5MEDIUM

Key Information:

Vendor: Clamav
Status: Clamav
Vendor: CVE Published:; 27 March 2018

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2018-0202?

ClamAV versions earlier than 0.99.4 contain a vulnerability that can be exploited by unauthenticated remote attackers, potentially causing a denial of service (DoS). This issue arises from inadequate input validation mechanisms when handling specially crafted Portable Document Format (.pdf) files. An attacker could send a maliciously constructed .pdf file that triggers an out-of-bounds read during scanning by ClamAV. This vulnerability particularly affects the pdf_parse_array and pdf_parse_string functions within libclamav/pdfng.c, which can disrupt normal operations and lead to service unavailability.

Affected Version(s)

ClamAV ClamAV

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2018-0202
Created by jaychowjingjie

References

https://usn.ubuntu.com/3592-2/

vendor-advisoryx_refsource_UBUNTU

https://bugzilla.clamav.net/show_bug.cgi?id=11973

x_refsource_CONFIRM

https://bugzilla.clamav.net/show_bug.cgi?id=11980

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Nov 24, 2018
👾
Exploit known to exist
Nov 24, 2018
Vulnerability published
Mar 27, 2018
Vulnerability Reserved
Nov 27, 2017

Clamav

Badges

What is CVE-2018-0202?

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline