CVE-2019-1787

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-1787
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1787.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-1787
Downstream
Related
Published
2019-04-08T19:29:05.540Z
Modified
2026-04-02T01:45:01.422967Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device.

References

Affected packages

Git / github.com/cisco-talos/clamav

Affected ranges

Type
GIT
Repo
https://github.com/cisco-talos/clamav
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
077cf7859080798aa2d51401b35fe3f5ff5d334f
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.101.1"
        }
    ]
}

Affected versions

0.*
0.93.3
0.94.1rc1
Other
CLAMAV_090RC1
CLAMAV_090RC2
CLAMAV_090RC3
CLAMAV_0_70
CLAMAV_0_71
CLAMAV_0_80
CLAMAV_0_80RC
CLAMAV_0_80RC1
CLAMAV_0_80RC3
CLAMAV_0_80RC4
CLAMAV_0_81
CLAMAV_0_84RC1
clamav-20080204
merge-llvm-79908
merge-llvm-80601
merge-llvm-83242
merge-llvm-90002
merge-llvm-91214
merge-llvm-91428
merge-llvm-92222
merge-llvm-94539
merge-llvm-97877
r5076
start
test_prefilter_enable
test_prefilter_enable2
test_prefiltering_disable
clamav-0.*
clamav-0.100-beta
clamav-0.100.0
clamav-0.100.0-rc
clamav-0.100.1
clamav-0.100.2
clamav-0.100.3
clamav-0.101.0
clamav-0.101.0-beta
clamav-0.101.0-rc
clamav-0.101.1
clamav-0.102.0
clamav-0.102.0-beta
clamav-0.102.0-rc
clamav-0.102.1
clamav-0.102.2
clamav-0.102.3
clamav-0.102.4
clamav-0.103.0
clamav-0.103.0-rc
clamav-0.103.0-rc2
clamav-0.103.1
clamav-0.103.10
clamav-0.103.11
clamav-0.103.12
clamav-0.103.2
clamav-0.103.3
clamav-0.103.4
clamav-0.103.5
clamav-0.103.6
clamav-0.103.7
clamav-0.103.8
clamav-0.103.9
clamav-0.104.0
clamav-0.104.0-rc2
clamav-0.104.1
clamav-0.104.2
clamav-0.104.3
clamav-0.104.4
clamav-0.105.0
clamav-0.105.0-rc
clamav-0.105.0-rc2
clamav-0.105.1
clamav-0.105.2
clamav-0.82
clamav-0.83
clamav-0.90.1
clamav-0.91
clamav-0.91rc2
clamav-0.92
clamav-0.92_sf
clamav-0.92rc1
clamav-0.92rc2
clamav-0.93
clamav-0.93.1rc1
clamav-0.94
clamav-0.94.1
clamav-0.94.1rc1
clamav-0.94.2
clamav-0.94rc1
clamav-0.95
clamav-0.95.1
clamav-0.95.2
clamav-0.95.3
clamav-0.95rc1
clamav-0.95rc2
clamav-0.96
clamav-0.96.1
clamav-0.96.2
clamav-0.96.3
clamav-0.96.4
clamav-0.96.5
clamav-0.96rc1
clamav-0.96rc2
clamav-0.97
clamav-0.97.1
clamav-0.97.2
clamav-0.97.3
clamav-0.97.4
clamav-0.97.5
clamav-0.97.6
clamav-0.97.7
clamav-0.97.8
clamav-0.97rc
clamav-0.98
clamav-0.98-dmgxar
clamav-0.98.1
clamav-0.98.1rc
clamav-0.98.2
clamav-0.98.3
clamav-0.98.4
clamav-0.98.4-rc1
clamav-0.98.5
clamav-0.98.5-rc1
clamav-0.98.5-rc2
clamav-0.98.5beta
clamav-0.98.6
clamav-0.98.7
clamav-0.98rc
clamav-0.98rc2
clamav-0.99
clamav-0.99-beta1
clamav-0.99-beta2
clamav-0.99-rc1
clamav-0.99-rc2
clamav-0.99.1
clamav-0.99.1-beta1
clamav-0.99.2
clamav-0.99.3
clamav-0.99.3-beta1
clamav-0.99.3-beta2
clamav-0.99.4
clamav-1.*
clamav-1.0.0
clamav-1.0.0-rc
clamav-1.0.0-rc2
clamav-1.0.1
clamav-1.0.2
clamav-1.0.3
clamav-1.0.4
clamav-1.0.5
clamav-1.0.6
clamav-1.0.7
clamav-1.0.8
clamav-1.0.9
clamav-1.1.0
clamav-1.1.0-rc
clamav-1.1.1
clamav-1.1.2
clamav-1.1.3
clamav-1.2.0
clamav-1.2.0-rc
clamav-1.2.1
clamav-1.2.2
clamav-1.2.3
clamav-1.3.0
clamav-1.3.0-rc
clamav-1.3.0-rc2
clamav-1.3.1
clamav-1.3.2
clamav-1.4.0
clamav-1.4.0-rc
clamav-1.4.1
clamav-1.4.2
clamav-1.4.3
clamav-1.4.4
clamav-1.5.0
clamav-1.5.0-beta
clamav-1.5.0-rc
clamav-1.5.1
clamav-1.5.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1787.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.3"
            }
        ]
    }
]