CVE-2024-20505

A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:clamav:clamav:1.4.0:::::::*
	cpe:2.3:a:clamav:clamav::::::::
	cpe:2.3:a:clamav:clamav::::::::
	cpe:2.3:a:clamav:clamav::::::::

History

12 Sep 2024, 17:28

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
First Time		Clamav Clamav clamav
CWE		CWE-125
References	~~() https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html -~~	() https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html - Patch, Vendor Advisory
CPE		cpe:2.3:a:clamav:clamav:::::::: cpe:2.3:a:clamav:clamav:1.4.0:::::::*

04 Sep 2024, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-04 22:15

Updated : 2025-03-25 16:15

NVD link : CVE-2024-20505

Mitre link : CVE-2024-20505

JSON object : View

Products Affected

clamav

clamav

CWE

CWE-125

Out-of-bounds Read

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html", "name": "https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html", "tags": ["Patch", "Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-125"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-20505", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2024-09-04T22:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:clamav:clamav:1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.3.2", "versionStartIncluding": "1.2.0"}, {"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.103.12"}, {"cpe23Uri": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.0.7", "versionStartIncluding": "0.104.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-03-25T16:15Z"}