Clam AntiVirus RAR Directory Traversal Vulnerability
CVE-2019-1785

9.8CRITICAL

Key Information:

Vendor: Cisco
Status: Clamav
Vendor: CVE Published:; 8 April 2019

Badges

👾 Exploit Exists

What is CVE-2019-1785?

A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ClamAV 0.101.1

ClamAV 0.101.0

References

https://bugzilla.clamav.net/show_bug.cgi?id=12284

x_refsource_MISC

https://security.gentoo.org/glsa/201904-12

vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 4, 2024
Vulnerability published
Apr 8, 2019
Vulnerability Reserved
Dec 6, 2018

JSON

Cisco

Badges

What is CVE-2019-1785?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.