CVE-2018-0360

Published: Jul 16, 2018

Modified: Nov 29, 2024

PUBLISHED

Description

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.

Vendor	Product	Versions
n/a	ClamAV before 0.100.1 unknown	affected `ClamAV before 0.100.1 unknown`

References

1041367

vdb-entry

x_refsource_SECTRACK

https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

x_refsource_CONFIRM

USN-3722-1

vendor-advisory

x_refsource_UBUNTU

https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/

x_refsource_MISC

USN-3722-2

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update

mailing-list

x_refsource_MLIST

GLSA-201904-12

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-0360

Description

Affected Products

References