Unrated severity · NVD Advisory · Published Apr 8, 2019 · Updated Nov 19, 2024
Clam AntiVirus RAR Directory Traversal Vulnerability
CVE-2019-1785
Description
A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanisms when processing nested RAR files sent to an affected device. An attacker could exploit this vulnerability by sending a crafted RAR file to an affected device. An exploit could allow the attacker to view or create arbitrary files on the targeted system.
Affected products
- osv-coords (5 versions): < 0.103.0-lp151.2.12.1 + 4 more
  - pkg:rpm/opensuse/clamav&distro=openSUSE%20Leap%2015.1
  - pkg:rpm/opensuse/clamav&distro=openSUSE%20Leap%2015.2
  - pkg:rpm/opensuse/clamav&distro=openSUSE%20Tumbleweed
  - pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
  - pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
- (no CPE) range: < 0.103.0-lp151.2.12.1
- (no CPE) range: < 0.103.0-lp152.6.3.1
- (no CPE) range: < 0.103.3-1.4
- (no CPE) range: < 0.103.0-3.23.1
- (no CPE) range: < 0.103.0-3.23.1
- Range: 0.101.1
References
- security.gentoo.org/glsa/201904-12 (mitre, vendor-advisory, x_refsource_GENTOO)
- bugzilla.clamav.net/show_bug.cgi (mitre, x_refsource_MISC)