CVE-2011-2721 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-2721 PUBLISHED CVSS 5 MEDIUM

Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.

EPSS 7.43% · 91.7th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

7.43%

91.7th percentile

Affected Products

Vendor	Product	Versions
clamav	clamav	0.97, 0, 0.01
n/a	n/a	n/a

Timeline

Aug 5, 2011 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

45382 third-party-advisory
FEDORA-2011-15033 vendor-advisory
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2 url
1025858 vdb
https://bugzilla.redhat.com/show_bug.cgi?id=725694 url
USN-1179-1 vendor-advisory
https://bugzilla.novell.com/show_bug.cgi?id=708263 url
46717 third-party-advisory
[oss-security] 20110726 CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes mailing-list
clamav-scan-dos(68785) vdb
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5 url
FEDORA-2011-15076 vendor-advisory
FEDORA-2011-15119 vendor-advisory
[oss-security] 20110726 Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes mailing-list
48891 vdb
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818 url
74181 vdb
MDVSA-2011:122 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2011-2721 advisory
http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.2 url

…and 1 more

Open in Interactive Console →