{"api_version":"1","generated_at":"2026-04-23T04:32:10+00:00","cve":"CVE-2019-15961","urls":{"html":"https://cve.report/CVE-2019-15961","api":"https://cve.report/api/cve/CVE-2019-15961.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-15961","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-15961"},"summary":{"title":"CVE-2019-15961","description":"A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.","state":"PUBLIC","assigner":"psirt@cisco.com","published_at":"2020-01-15 19:15:00","updated_at":"2022-10-19 18:54:00"},"problem_types":["CWE-400"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html","name":"[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2108-1] clamav security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202003-46","name":"GLSA-202003-46","refsource":"GENTOO","tags":[],"title":"ClamAV: Multiple vulnerabilities (GLSA 202003-46) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010","name":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010","refsource":"CISCO","tags":["Third Party Advisory"],"title":"Cisco Bug: CSCvr56010 - Opened to track: ClamAV for Cisco Email Security Appliance (ESA) Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://usn.ubuntu.com/4230-2/","name":"USN-4230-2","refsource":"UBUNTU","tags":[],"title":"USN-4230-2: ClamAV vulnerability | Ubuntu security notices | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380","name":"https://bugzilla.clamav.net/show_bug.cgi?id=12380","refsource":"CISCO","tags":["Exploit","Issue Tracking","Vendor Advisory"],"title":"Bug 12380 – MIME Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-15961","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15961","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"12.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"email_security_appliance_firmware","cpe6":"11.1.1-042","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"email_security_appliance_firmware","cpe6":"11.1.2-023","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"email_security_appliance_firmware","cpe6":"11.1.1-042","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"email_security_appliance_firmware","cpe6":"11.1.2-023","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clamav","cpe5":"clamav","cpe6":"0.102.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"0.101.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clamav","cpe5":"clamav","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clamav","cpe5":"clamav","cpe6":"0.102.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"15961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-15961","qid":"500096","title":"Alpine Linux Security Update for clamav"},{"cve":"CVE-2019-15961","qid":"503821","title":"Alpine Linux Security Update for clamav"},{"cve":"CVE-2019-15961","qid":"750483","title":"OpenSUSE Security Update for clamav (openSUSE-SU-2020:2276-1)"},{"cve":"CVE-2019-15961","qid":"750485","title":"OpenSUSE Security Update for clamav (openSUSE-SU-2020:2268-1)"},{"cve":"CVE-2019-15961","qid":"900004","title":"CBL-Mariner Linux Security Update for clamav 0.101.2"},{"cve":"CVE-2019-15961","qid":"903412","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for clamav (3169)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2019-15961","STATE":"PUBLIC","TITLE":"Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"ClamAV","version":{"version_data":[{"version_affected":"<=","version_value":"0.102.0"},{"version_affected":"<","version_value":"0.101.4"}]}}]},"vendor_name":"ClamAV"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.clamav.net/show_bug.cgi?id=12380","refsource":"CISCO","url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380"},{"name":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010","refsource":"CISCO","url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"},{"refsource":"UBUNTU","name":"USN-4230-2","url":"https://usn.ubuntu.com/4230-2/"},{"refsource":"MLIST","name":"[debian-lts-announce] 20200218 [SECURITY] [DLA 2108-1] clamav security update","url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"},{"refsource":"GENTOO","name":"GLSA-202003-46","url":"https://security.gentoo.org/glsa/202003-46"}]},"source":{"advisory":"CSCvr56010","defect":["CSCvr56010"],"discovery":"USER"}},"nvd":{"publishedDate":"2020-01-15 19:15:00","lastModifiedDate":"2022-10-19 18:54:00","problem_types":["CWE-400"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":7.1},"severity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndIncluding":"0.101.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clamav:clamav:0.102.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"15961","Ordinal":"155530","Title":"CVE-2019-15961","CVE":"CVE-2019-15961","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"15961","Ordinal":"1","NoteData":"A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"15961","Ordinal":"2","NoteData":"2020-01-15","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"15961","Ordinal":"3","NoteData":"2020-03-19","Type":"Other","Title":"Modified"}]}}}