Vulnerability Details : CVE-2017-12376
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause a handle_pdfname (in pdf.c) buffer overflow when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2017-12376
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-12376
1.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-12376
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2017-12376
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-12376
-
https://bugzilla.clamav.net/show_bug.cgi?id=11942
Bug 11942 – Heap overflow in handle_pdfname (pdf.c)Exploit;Issue Tracking;Patch;Vendor Advisory
-
https://usn.ubuntu.com/3550-2/
USN-3550-2: ClamAV vulnerabilities | Ubuntu security notices
-
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
ClamAV® blog: ClamAV 0.99.3 has been released!Release Notes;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html
[SECURITY] [DLA 1261-1] clamav security updateMailing List;Third Party Advisory
-
https://usn.ubuntu.com/3550-1/
USN-3550-1: ClamAV vulnerabilities | Ubuntu security notices
Jump to