CVE-2018-0361

CVSS 3.3 - LOW

Description

ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.

Affected Products

2

Vendor	Product	Version
clamav	clamav	`All versions`
debian	debian_linux	`8.0`

References

http://www.securitytracker.com/id/1041367

https://blog.clamav.net/2018/07/clamav-01001-has-b...

https://lists.debian.org/debian-lts-announce/2018/...

https://security.gentoo.org/glsa/201904-12

http://www.securitytracker.com/id/1041367

https://blog.clamav.net/2018/07/clamav-01001-has-b...

https://lists.debian.org/debian-lts-announce/2018/...

https://security.gentoo.org/glsa/201904-12

Weakness Types

CWE-20

CVE Information

CVE ID:: CVE-2018-0361
Published:: 2018-07-16
Modified:: 2024-11-21
CVSS Score:: 3.3
Severity:: LOW
Vector:: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Vendors

clamav debian

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL