CVE-2020-37167
8.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ClamAV | ClamBC | 0 < 0.103.0-rc | unaffected |
Weaknesses
- Improper Control of Generation of Code ('Code Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: total
References
- https://www.exploit-db.com/exploits/47687
- https://github.com/Cisco-Talos/clamav/commit/cd2f2975b93277de7f74464d48adb378375a305f
- https://www.clamav.net/
- https://www.vulncheck.com/advisories/clamav-clambc-clambc-executable-regular-expression-error
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.