Vulnerability Details : CVE-2012-3501
The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cause a denial of service (daemon crash) via a URL with certain characters, as demonstrated using %0D or %0A.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2012-3501
- cpe:2.3:a:darold:squidclamav:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.7:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:darold:squidclamav:5.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3501
5.63%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3501
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-3501
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3501
-
https://github.com/darold/squidclamav/commit/80f74451f628264d1d9a1f1c0bbcebc932ba5e00
Add a workaround for a squidGuard bug that unescape the URL and send … · darold/squidclamav@80f7445 · GitHubExploit;Patch
-
http://www.securityfocus.com/bid/54663
SquidClamav URL Parsing Denial of Service Vulnerability
-
http://www.openwall.com/lists/oss-security/2012/08/16/4
oss-security - Re: CVE Request: SquidClamav insufficient escaping flaws
-
https://bugs.gentoo.org/show_bug.cgi?id=428778
428778 – (CVE-2012-3501) <net-proxy/squidclamav-6.8 : URL Parsing Denial of Service Vulnerability (CVE-2012-3501)
-
http://freecode.com/projects/squidclamav/releases/346722
All releases of SquidClamAv – Freecode
-
http://www.openwall.com/lists/oss-security/2012/08/16/2
oss-security - CVE Request: SquidClamav insufficient escaping flaws
-
http://squidclamav.darold.net/news.html
404 Not FoundVendor Advisory
Jump to