Vulnerabilities > CVE-2019-1788 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
clamav
opensuse
debian
CWE-787
nessus

Summary

A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device.

Vulnerable Configurations

Part Description Count
Application
Clamav
166
OS
Opensuse
2
OS
Debian
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1759.NASL
    descriptionOut-of-bounds read and write conditions have been fixed in clamav. CVE-2019-1787 An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. CVE-2019-1788 An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. CVE-2019-1789 An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id124217
    published2019-04-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124217
    titleDebian DLA-1759-1 : clamav security update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0861-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123749
    published2019-04-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123749
    titleSUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2019:0861-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1213.NASL
    descriptionAn out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. (CVE-2019-1787) An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. (CVE-2019-1789) An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. (CVE-2019-1788)
    last seen2020-06-01
    modified2020-06-02
    plugin id125295
    published2019-05-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125295
    titleAmazon Linux AMI : clamav (ALAS-2019-1213)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3940-1.NASL
    descriptionIt was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2019-1787) It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-1788) It was discovered that ClamAV incorrectly handled scanning certain PE files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2019-1789). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123932
    published2019-04-09
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123932
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : clamav vulnerabilities (USN-3940-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-14015-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123972
    published2019-04-10
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123972
    titleSUSE SLES11 Security Update : clamav (SUSE-SU-2019:14015-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0897-1.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721) : CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123923
    published2019-04-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123923
    titleSUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:0897-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201904-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201904-12 (ClamAV: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id123984
    published2019-04-11
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123984
    titleGLSA-201904-12 : ClamAV: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1208.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721): 	 - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). - CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id124101
    published2019-04-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124101
    titleopenSUSE Security Update : clamav (openSUSE-2019-1208)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1210.NASL
    descriptionThis update for clamav to version 0.100.3 fixes the following issues : Security issues fixed (bsc#1130721): 	 - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files (i.e. Windows EXE and DLL files). - CVE-2019-1788: Fixed an out-of-bounds heap write condition which may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id124103
    published2019-04-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124103
    titleopenSUSE Security Update : clamav (openSUSE-2019-1210)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_84CE26C3576911E9ABD6001B217B3468.NASL
    descriptionClamav reports : An out-of-bounds heap read condition may occur when scanning PDF documents An out-of-bounds heap read condition may occur when scanning PE files An out-of-bounds heap write condition may occur when scanning OLE2 files An out-of-bounds heap read condition may occur when scanning malformed PDF documents A path-traversal write condition may occur as a result of improper input validation when scanning RAR archives A use-after-free condition may occur as a result of improper error handling when scanning nested RAR archives
    last seen2020-06-01
    modified2020-06-02
    plugin id123809
    published2019-04-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123809
    titleFreeBSD : clamav -- multiple vulnerabilities (84ce26c3-5769-11e9-abd6-001b217b3468)