CVE-2021-1252

Published on: 04/08/2021 12:00:00 AM UTC

Last Modified on: 04/14/2021 07:56:00 PM UTC

CVE-2021-1252 - advisory for https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html

Source: Mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Clamav from Clamav contain the following vulnerability:

A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.

  • CVE-2021-1252 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
  • Affected Vendor/Software: Cisco - ClamAV version = 0.103.0
  • Affected Vendor/Software: Cisco - ClamAV version = 0.103.1

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 7.8 - HIGH

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE COMPLETE

CVE References

Description Tags Link
ClamAV® blog: ClamAV 0.103.2 security patch release blog.clamav.net
text/html
URL Logo CISCO blog.clamav.net/2021/04/clamav-01032-security-patch-release.html

Related QID Numbers

  • 174899 SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1174-1)
  • 174903 SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1190-1)
  • 174911 SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1189-1)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationClamavClamav0.103.0AllAllAll
ApplicationClamavClamav0.103.1AllAllAll
  • cpe:2.3:a:clamav:clamav:0.103.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:clamav:clamav:0.103.1:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @OpenBSD_ports [email protected] modified security/clamav: update to clamav-0.103.2, blog.clamav.net/2021/04/clamav… CVE-2021-1252 <… twitter.com/i/web/status/1… 2021-04-07 19:55:33
Twitter Icon @OpenBSD_ports OPENBSD_6_8 [email protected] modified security/clamav: update to clamav-0.103.2, blog.clamav.net/2021/04/clamav… CVE-2021-1252 <… twitter.com/i/web/status/1… 2021-04-07 19:55:34
Twitter Icon @OpenBSD_stable OPENBSD_6_8 [email protected] modified security/clamav: update to clamav-0.103.2, blog.clamav.net/2021/04/clamav… CVE-2021-1252 <… twitter.com/i/web/status/1… 2021-04-07 19:55:34
Twitter Icon @CVEreport CVE-2021-1252 : A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus ClamAV Software versions… twitter.com/i/web/status/1… 2021-04-08 04:29:04
Twitter Icon @vigilance_fr [email protected] #Vulnérabilité de ClamAV : surcharge via Excel XLM. vigilance.fr/vulnerabilite/… Références : #CVE-2021-1252.… twitter.com/i/web/status/1… 2021-04-08 11:09:03
Twitter Icon @vigilance_en [email protected] #Vulnerability of ClamAV: overload via Excel XLM. vigilance.fr/vulnerability/… Identifiers: #CVE-2021-1252.… twitter.com/i/web/status/1… 2021-04-08 11:09:04
Twitter Icon @Har_sia CVE-2021-1252 har-sia.info/CVE-2021-1252.… #HarsiaInfo 2021-04-08 18:27:03