CVE-2019-15961
HIGH
ClamAV < 0.101.4 - Unauthenticated Denial of Service via MIME Parsing Routines
Title source: llm
Description
A vulnerability in the email parsing module of Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times for specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition.
References (5)
Core References
https://bugzilla.clamav.net/show_bug.cgi?id=12380 (Exploit, Issue Tracking, Vendor Advisory; vendor-advisory; x_refsource_cisco)
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 (Third Party Advisory; vendor-advisory; x_refsource_cisco)
https://usn.ubuntu.com/4230-2/ (Third Party Advisory; vendor-advisory; x_refsource_ubuntu)
https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html (Mailing List, Third Party Advisory; mailing-list; x_refsource_mlist)
https://security.gentoo.org/glsa/202003-46 (Third Party Advisory; vendor-advisory; x_refsource_gentoo)
Scores
CVSS v3: 7.5
EPSS: 0.0221
EPSS Percentile: 84.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: yes
Technical Impact: partial
Details
CWE: CWE-400, CWE-20
Status: published
Products (7)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
cisco/email_security_appliance_firmware 11.1.1-042
cisco/email_security_appliance_firmware 11.1.2-023
clamav/clamav 0.102.0
clamav/clamav < 0.101.4
debian/debian_linux 8.0
Published: Jan 15, 2020
Tracked Since: Feb 18, 2026