What is CVE-2019-1789?

CVE-2019-1789 is a high-severity vulnerability in Cisco Clamav, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2019-11-05.

How severe is CVE-2019-1789?

High severity. CVSS v3 base score is 7.5 out of 10.

Improper input validation in Cisco Clamav

CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.006 (69.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Cisco Clamav — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-1789?: CVE-2019-1789 is a high-severity vulnerability in Cisco Clamav, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2019-11-05.
How severe is CVE-2019-1789?: High severity. CVSS v3 base score is 7.5 out of 10.