OSV-2023-893

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-893.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-893
Withdrawn
2023-10-06T07:19:13.117696Z
Published
2023-09-22T14:00:41.559553Z
Modified
2023-09-22T14:00:41.559861Z
Summary
Heap-buffer-overflow in initialize_encryption_key
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62542

Crash type: Heap-buffer-overflow READ {*}
Crash state:
initialize_encryption_key
cli_ole2_extract
cli_scanole2
References

Affected packages

OSS-Fuzz / clamav

Package

Name
clamav
Purl
pkg:generic/clamav

Affected ranges

Type
GIT
Repo
https://github.com/Cisco-Talos/clamav.git
Events

Affected versions

clamav-1.*
clamav-1.0.0
clamav-1.0.0-rc
clamav-1.0.0-rc2
clamav-1.0.1
clamav-1.0.2
clamav-1.0.3
clamav-1.1.0
clamav-1.1.0-rc
clamav-1.1.1
clamav-1.1.2
clamav-1.2.0
clamav-1.2.0-rc

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-893.yaml"