ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms of .tar (Tape Archive) files sent to an affected device. A successful exploit could cause a checksum buffer over-read condition when ClamAV scans the malicious .tar file, potentially allowing the attacker to cause a DoS condition on the affected device.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-01-26T20:00:00
Updated: 2024-08-05T18:36:56.387Z
Reserved: 2017-08-03T00:00:00
Link: CVE-2017-12378
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-01-26T20:29:00.550
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-12378
Redhat
No data.