cisco-sa-clamav-ole2-H549rphA: ClamAV OLE2 File Format Decryption Denial of Service Vulnerability

First published: Wed Jan 22 2025(Updated: )

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.For a description of this vulnerability, see the ClamAV blog.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/cisco-recent
• source/Cisco
• agent/severity
• agent/title
• agent/weakness
• agent/last-modified-date
• agent/source
• agent/references
• agent/description
• agent/type
• agent/first-publish-date
• agent/event
• agent/tags
• agent/softwarecombine
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/clamav
• canonical/clamav