cve-2019-15961

Vulnerability from cvelistv5

Published

2020-01-15 19:05

Modified

2024-11-15 17:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
ykramarz@cisco.com	https://bugzilla.clamav.net/show_bug.cgi?id=12380	Exploit, Issue Tracking, Vendor Advisory
ykramarz@cisco.com	https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html	Mailing List, Third Party Advisory
ykramarz@cisco.com	https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010	Third Party Advisory
ykramarz@cisco.com	https://security.gentoo.org/glsa/202003-46	Third Party Advisory
ykramarz@cisco.com	https://usn.ubuntu.com/4230-2/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.clamav.net/show_bug.cgi?id=12380	Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202003-46	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4230-2/	Third Party Advisory

Impacted products

Vendor

Product

Version

▼

ClamAV

Version: unspecified <
Version: unspecified < 0.101.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
          },
          {
            "name": "USN-4230-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4230-2/"
          },
          {
            "name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
          },
          {
            "name": "GLSA-202003-46",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-46"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-15961",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:22:50.686102Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:48:05.688Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ClamAV",
          "vendor": "ClamAV",
          "versions": [
            {
              "lessThanOrEqual": "0.102.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "0.101.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-19T22:06:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
        },
        {
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
        },
        {
          "name": "USN-4230-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4230-2/"
        },
        {
          "name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
        },
        {
          "name": "GLSA-202003-46",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-46"
        }
      ],
      "source": {
        "advisory": "CSCvr56010",
        "defect": [
          "CSCvr56010"
        ],
        "discovery": "USER"
      },
      "title": "Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-15961",
          "STATE": "PUBLIC",
          "TITLE": "Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ClamAV",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "0.102.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "0.101.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ClamAV"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12380",
              "refsource": "CISCO",
              "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010",
              "refsource": "CISCO",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
            },
            {
              "name": "USN-4230-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4230-2/"
            },
            {
              "name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
            },
            {
              "name": "GLSA-202003-46",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-46"
            }
          ]
        },
        "source": {
          "advisory": "CSCvr56010",
          "defect": [
            "CSCvr56010"
          ],
          "discovery": "USER"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-15961",
    "datePublished": "2020-01-15T19:05:16",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:48:05.688Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-15961\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2020-01-15T19:15:13.317\",\"lastModified\":\"2024-11-21T04:29:49.740\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el m\u00f3dulo de an\u00e1lisis de correo electr\u00f3nico  de Clam AntiVirus (ClamAV) Software versiones 0.102.0, 0.101.4 y anteriores, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio en un dispositivo afectado. La vulnerabilidad es debido a rutinas de an\u00e1lisis MIME ineficientes que resultan en tiempos de an\u00e1lisis extremadamente largos de archivos de correo electr\u00f3nico con formato especial. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un archivo de correo electr\u00f3nico dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el proceso de escaneo de ClamAV escanee el archivo de correo electr\u00f3nico dise\u00f1ado indefinidamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.101.4\",\"matchCriteriaId\":\"B0BC0A3F-96C6-40A9-8FD7-FA36F7650256\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38845FB7-5C4A-4E4F-81D2-F3338DEDC2BB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"357904C5-F794-4F22-84A8-9BFDD7801166\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EECA7F2-8101-445B-A8B3-ACAD1FB6BD8E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.clamav.net/show_bug.cgi?id=12380\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-46\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4230-2/\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.clamav.net/show_bug.cgi?id=12380\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-46\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4230-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. ========================================================================= Ubuntu Security Notice USN-4230-2 January 23, 2020

clamav vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 14.04 ESM
Ubuntu 12.04 ESM

Summary:

ClamAV could be made to crash if it opened a specially crafted file.

Software Description: - clamav: Anti-virus utility for Unix

Details:

USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that ClamAV incorrectly handled certain MIME messages.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM: clamav 0.102.1+dfsg-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References: https://usn.ubuntu.com/4230-2 https://usn.ubuntu.com/4230-1 CVE-2019-15961 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-46

                                       https://security.gentoo.org/

Severity: Low Title: ClamAV: Multiple vulnerabilities Date: March 19, 2020 Bugs: #702010, #708424 ID: 202003-46

Synopsis

Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition.

Background

ClamAV is a GPL virus scanner.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-antivirus/clamav < 0.102.2 >= 0.102.2

Description

Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time.

Resolution

All ClamAV users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.102.2"

References

[ 1 ] CVE-2019-15961 https://nvd.nist.gov/vuln/detail/CVE-2019-15961 [ 2 ] CVE-2020-3123 https://nvd.nist.gov/vuln/detail/CVE-2020-3123

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202003-46

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202001-0770",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "clamav",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "clamav",
        "version": "0.101.4"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "clamav",
        "version": "0.102.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "8.0"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "12.04"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "14.04"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "11.1.1-042"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "11.1.2-023"
      },
      {
        "model": "e email security appliance",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:clamav:clamav",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cisco:email_security_appliance_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu,Tomasz Kojm,Gentoo",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-15961",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2019-15961",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-148060",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-15961",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ykramarz@cisco.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-15961",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-15961",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-15961",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "ykramarz@cisco.com",
            "id": "CVE-2019-15961",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-15961",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201911-1262",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-148060",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-15961",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Clam AntiVirus (ClamAV) software Contains a resource exhaustion vulnerability.Denial of service (DoS) May be in a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. A resource management error vulnerability exists in Clam AntiVirus versions prior to 0.102.1 and versions prior to 0.101.5. =========================================================================\nUbuntu Security Notice USN-4230-2\nJanuary 23, 2020\n\nclamav vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nClamAV could be made to crash if it opened a specially crafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-4230-1 fixed a vulnerability in ClamAV. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled certain MIME messages. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n  clamav                          0.102.1+dfsg-0ubuntu0.14.04.1+esm1\n\nUbuntu 12.04 ESM:\n  clamav                          0.102.1+dfsg-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n  https://usn.ubuntu.com/4230-2\n  https://usn.ubuntu.com/4230-1\n  CVE-2019-15961\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202003-46\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n    Title: ClamAV: Multiple vulnerabilities\n     Date: March 19, 2020\n     Bugs: #702010, #708424\n       ID: 202003-46\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in ClamAV, the worst of which\ncould result in a Denial of Service condition. \n\nBackground\n==========\n\nClamAV is a GPL virus scanner. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-antivirus/clamav        \u003c 0.102.2                 \u003e= 0.102.2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll ClamAV users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-antivirus/clamav-0.102.2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2019-15961\n      https://nvd.nist.gov/vuln/detail/CVE-2019-15961\n[ 2 ] CVE-2020-3123\n      https://nvd.nist.gov/vuln/detail/CVE-2020-3123\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-46\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "db": "PACKETSTORM",
        "id": "156831"
      },
      {
        "db": "PACKETSTORM",
        "id": "155883"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-15961",
        "trust": 2.9
      },
      {
        "db": "PACKETSTORM",
        "id": "155883",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "156831",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "156073",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0552",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4350",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4540",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0071.2",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0071",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.4412",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4568",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "155421",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-148060",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "db": "PACKETSTORM",
        "id": "156831"
      },
      {
        "db": "PACKETSTORM",
        "id": "155883"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "id": "VAR-202001-0770",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      }
    ],
    "trust": 0.53892258
  },
  "last_update_date": "2024-11-23T21:26:27.091000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Bug 12380",
        "trust": 0.8,
        "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
      },
      {
        "title": "Cisco Bug: CSCvr56010 - Opened to track: ClamAV for Cisco Email Security Appliance (ESA) Denial of Service Vulnerability",
        "trust": 0.8,
        "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
      },
      {
        "title": "Clam AntiVirus Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108207"
      },
      {
        "title": "Ubuntu Security Notice: clamav vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4230-1"
      },
      {
        "title": "Ubuntu Security Notice: clamav vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4230-2"
      },
      {
        "title": "Debian CVElist Bug Report Logs: new upstream version 0.102.1 to fix CVE-2019-15961",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8d35b8b88a91d7df7c4a2aec03a4e3d1"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2020-1335",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2020-1335"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2019-15961 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-20",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://usn.ubuntu.com/4230-2/"
      },
      {
        "trust": 1.9,
        "url": "https://security.gentoo.org/glsa/202003-46"
      },
      {
        "trust": 1.8,
        "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
      },
      {
        "trust": 1.8,
        "url": "https://quickview.cloudapps.cisco.com/quickview/bug/cscvr56010"
      },
      {
        "trust": 1.8,
        "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
      },
      {
        "trust": 1.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15961"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15961"
      },
      {
        "trust": 0.7,
        "url": "https://usn.ubuntu.com/4230-1/"
      },
      {
        "trust": 0.6,
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193177-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193176-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914236-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/155421/clam-antivirus-toolkit-0.102.1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4350/"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/155883/ubuntu-security-notice-usn-4230-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0071/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4568/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4412/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0071.2/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.4540/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0552/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/clamav-denial-of-service-via-mime-messages-parsing-30920"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/156831/gentoo-linux-security-advisory-202003-46.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/156073/ubuntu-security-notice-usn-4230-2.html"
      },
      {
        "trust": 0.2,
        "url": "https://usn.ubuntu.com/4230-1"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/400.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110968"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/4230-2"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3123"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.16.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.18.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.19.10.2"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "db": "PACKETSTORM",
        "id": "156831"
      },
      {
        "db": "PACKETSTORM",
        "id": "155883"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "db": "PACKETSTORM",
        "id": "156831"
      },
      {
        "db": "PACKETSTORM",
        "id": "155883"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "date": "2020-01-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "date": "2020-02-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "date": "2020-01-23T19:19:09",
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "date": "2020-03-19T22:01:09",
        "db": "PACKETSTORM",
        "id": "156831"
      },
      {
        "date": "2020-01-08T16:53:54",
        "db": "PACKETSTORM",
        "id": "155883"
      },
      {
        "date": "2019-11-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "date": "2020-01-15T19:15:13.317000",
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-03-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-148060"
      },
      {
        "date": "2022-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-15961"
      },
      {
        "date": "2020-02-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      },
      {
        "date": "2020-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      },
      {
        "date": "2024-11-21T04:29:49.740000",
        "db": "NVD",
        "id": "CVE-2019-15961"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "156073"
      },
      {
        "db": "PACKETSTORM",
        "id": "155883"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      }
    ],
    "trust": 0.8
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Clam AntiVirus software Vulnerabilities related to resource exhaustion",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014125"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201911-1262"
      }
    ],
    "trust": 0.6
  }
}

ghsa-4w5h-pwr8-qh64

Vulnerability from github

Published

2022-05-24 17:06

Modified

2022-10-19 19:00

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-15961"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-15T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.",
  "id": "GHSA-4w5h-pwr8-qh64",
  "modified": "2022-10-19T19:00:17Z",
  "published": "2022-05-24T17:06:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15961"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
    },
    {
      "type": "WEB",
      "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202003-46"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4230-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2019-15961

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2019-15961

Aliases

CVE-2019-15961

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-15961",
    "description": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.",
    "id": "GSD-2019-15961",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-15961.html",
      "https://ubuntu.com/security/CVE-2019-15961",
      "https://advisories.mageia.org/CVE-2019-15961.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2019-15961.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-15961"
      ],
      "details": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.",
      "id": "GSD-2019-15961",
      "modified": "2023-12-13T01:23:38.522845Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2019-15961",
        "STATE": "PUBLIC",
        "TITLE": "Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ClamAV",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_value": "0.102.0"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_value": "0.101.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ClamAV"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20 Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12380",
            "refsource": "CISCO",
            "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
          },
          {
            "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010",
            "refsource": "CISCO",
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
          },
          {
            "name": "USN-4230-2",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/4230-2/"
          },
          {
            "name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
          },
          {
            "name": "GLSA-202003-46",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202003-46"
          }
        ]
      },
      "source": {
        "advisory": "CSCvr56010",
        "defect": [
          "CSCvr56010"
        ],
        "discovery": "USER"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.101.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-15961"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010",
              "refsource": "CISCO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"
            },
            {
              "name": "https://bugzilla.clamav.net/show_bug.cgi?id=12380",
              "refsource": "CISCO",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.clamav.net/show_bug.cgi?id=12380"
            },
            {
              "name": "USN-4230-2",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/4230-2/"
            },
            {
              "name": "[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"
            },
            {
              "name": "GLSA-202003-46",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202003-46"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-10-19T18:54Z",
      "publishedDate": "2020-01-15T19:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2019-15961

Vulnerability from cvelistv5

var-202001-0770

Vulnerability from variot

clamav vulnerability

Synopsis

Background

Affected packages

Description

Workaround

Resolution

References

Availability

Concerns?

License

ghsa-4w5h-pwr8-qh64

Vulnerability from github

gsd-2019-15961

Vulnerability from gsd

Tags

Sightings

Nomenclature