Home

CVE-2018-0361

Description

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.719

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-0360,CVE-2018-0361 are affected in Clamav 0.100.0Windows
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.14.04.1_i386.debLinux
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.14.04.1_amd64.debLinux
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.16.04.1_i386.debLinux
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.16.04.1_amd64.debLinux
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.18.04.1_i386.debLinux
Anti-virus utility for Unix (USN-3722-1) clamav_0.100.1+dfsg-1ubuntu0.18.04.1_amd64.debLinux
SUSE-SU-2018:2232-1(SUSE Linux Enterprise Server 11-SP4 ) clamav-0.100.1-0.20.15.1.x86_64.rpmLinux
SUSE-SU-2018:2323-1(SUSE Linux Enterprise Desktop 12-SP3 ) clamav-0.100.1-33.15.2.x86_64.rpmLinux
SUSE-SU-2018:2323-1(SUSE Linux Enterprise Desktop 12-SP3 ) clamav-debuginfo-0.100.1-33.15.2.x86_64.rpmLinux
SUSE-SU-2018:2323-1(SUSE Linux Enterprise Desktop 12-SP3 ) clamav-debugsource-0.100.1-33.15.2.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-341177ClamAV (0.103.12)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234