VYPR
Critical severity9.8NVD Advisory· Published Jan 26, 2018· Updated Jun 17, 2026

CVE-2017-12377

CVE-2017-12377

Description

ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. The vulnerability is due to improper input validation checking mechanisms in mew packet files sent to an affected device. A successful exploit could cause a heap-based buffer over-read condition in mew.c when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition or potentially execute arbitrary code on the affected device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.