Intrusion PreventionClamAV.OLE2.uniq_add.Out.of.Bounds.Write
Description
This indicates an attack attempt to exploit an Out of Bounds Write Vulnerability in ClamAV Project ClamAV
A remote attacker could exploit this vulnerability by sending a malicious OLE2 file to an affected system where it would be automatically scanned by ClamAV. Alternatively, an attacker could entice an user to manually scan a malicious OLE2 file with ClamAV. Successful exploitation of this vulnerability could result in denial-of-service conditions, or, in the worst case, arbitrary code execution in the security context of ClamAV.
Affected Products
ClamAV Project ClamAV prior to 0.100.3
ClamAV Project ClamAV prior to 0.101.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-14 | 14.633 | Default_action:pass:drop |
| 2019-06-06 | 14.627 | Severity:critical:medium |
| 2019-05-01 | 14.605 |
| ID | 47790 |
| Created | May 01, 2019 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2019-1788 |
| Exploit Prediction Score | 15.03% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |