Vulnerabilities > CVE-2019-1787 - Out-of-bounds Read vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
clamav
debian
opensuse
CWE-125
nessus

Summary

A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.

Vulnerable Configurations

Part Description Count
Application
Clamav
166
OS
Debian
1
OS
Opensuse
2

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1759.NASL
    descriptionOut-of-bounds read and write conditions have been fixed in clamav. CVE-2019-1787 An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. CVE-2019-1788 An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. CVE-2019-1789 An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id124217
    published2019-04-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124217
    titleDebian DLA-1759-1 : clamav security update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0861-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123749
    published2019-04-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123749
    titleSUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2019:0861-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1213.NASL
    descriptionAn out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. (CVE-2019-1787) An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. (CVE-2019-1789) An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. (CVE-2019-1788)
    last seen2020-06-01
    modified2020-06-02
    plugin id125295
    published2019-05-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125295
    titleAmazon Linux AMI : clamav (ALAS-2019-1213)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3940-1.NASL
    descriptionIt was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2019-1787) It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-1788) It was discovered that ClamAV incorrectly handled scanning certain PE files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2019-1789). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123932
    published2019-04-09
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123932
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : clamav vulnerabilities (USN-3940-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-14015-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123972
    published2019-04-10
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123972
    titleSUSE SLES11 Security Update : clamav (SUSE-SU-2019:14015-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0897-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123923
    published2019-04-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123923
    titleSUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:0897-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201904-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201904-12 (ClamAV: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id123984
    published2019-04-11
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123984
    titleGLSA-201904-12 : ClamAV: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1208.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721): 	 - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). - CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id124101
    published2019-04-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124101
    titleopenSUSE Security Update : clamav (openSUSE-2019-1208)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1210.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721): 	 - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). - CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id124103
    published2019-04-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124103
    titleopenSUSE Security Update : clamav (openSUSE-2019-1210)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_84CE26C3576911E9ABD6001B217B3468.NASL
    descriptionClamav reports : An out-of-bounds heap read condition may occur when scanning PDF documents An out-of-bounds heap read condition may occur when scanning PE files An out-of-bounds heap write condition may occur when scanning OLE2 files An out-of-bounds heap read condition may occur when scanning malformed PDF documents A path-traversal write condition may occur as a result of improper input validation when scanning RAR archives A use-after-free condition may occur as a result of improper error handling when scanning nested RAR archives
    last seen2020-06-01
    modified2020-06-02
    plugin id123809
    published2019-04-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123809
    titleFreeBSD : clamav -- multiple vulnerabilities (84ce26c3-5769-11e9-abd6-001b217b3468)