CVE-2017-6420
- Source
- https://cve.org/CVERecord?id=CVE-2017-6420
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6420.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-6420
- Downstream
- Related
- Published
- 2017-08-07T03:29:00.307Z
- Modified
- 2026-04-16T06:20:00.952096200Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
- References
Affected packages
Git / github.com/cisco-talos/clamav
Affected versions
clamav-0.*
clamav-0.96
clamav-0.96.2
clamav-0.96.3
clamav-0.96.4
clamav-0.96.5
clamav-0.96rc1
clamav-0.96rc2
clamav-0.97
clamav-0.97rc
clamav-0.99.2
Other
merge-llvm-97877
r5076
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6420.json"
vanir_signatures
[
{
"source": "https://github.com/cisco-talos/clamav/commit/dfc00cd3301a42b571454b51a6102eecf58407bc",
"target": {
"function": "wwunpack",
"file": "libclamav/wwunpack.c"
},
"deprecated": false,
"digest": {
"length": 3832.0,
"function_hash": "139298605883294768074466177189333198170"
},
"signature_type": "Function",
"id": "CVE-2017-6420-8db5ad48",
"signature_version": "v1"
},
{
"source": "https://github.com/cisco-talos/clamav/commit/dfc00cd3301a42b571454b51a6102eecf58407bc",
"target": {
"file": "libclamav/wwunpack.c"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"35527508808006729459757378903195264297",
"136599601490254595440116583910458001390",
"213343516002541788284701737169634229176",
"38984029225980571671566102348353921465"
]
},
"id": "CVE-2017-6420-c120f9f5"
}
]
vanir_signatures_modified
"2026-04-11T04:14:38Z"