CVE-2018-0360 - Vulnerability Details - OpenCVE

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Canonical	Ubuntu Linux
Clamav	Clamav
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securitytracker.com/id/1041367
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/
https://security.gentoo.org/glsa/201904-12
https://usn.ubuntu.com/3722-1/
https://usn.ubuntu.com/3722-2/

History

Fri, 29 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-07-16T17:00:00

Updated: 2024-11-29T14:55:17.564Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0360

Vulnrichment

Updated: 2024-08-05T03:21:15.512Z

NVD

Status : Modified

Published: 2018-07-16T17:29:00.283

Modified: 2024-11-21T03:38:03.643

Link: CVE-2018-0360

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "ClamAV before 0.100.1 unknown", "vendor": "n/a", "versions": [{"status": "affected", "version": "ClamAV before 0.100.1 unknown"}]}], "datePublic": "2018-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."}], "problemTypes": [{"descriptions": [{"description": "integer overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-11T02:06:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1041367", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041367"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"}, {"name": "USN-3722-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3722-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"}, {"name": "USN-3722-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3722-2/"}, {"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"}, {"name": "GLSA-201904-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201904-12"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0360", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ClamAV before 0.100.1 unknown", "version": {"version_data": [{"version_value": "ClamAV before 0.100.1 unknown"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "integer overflow"}]}]}, "references": {"reference_data": [{"name": "1041367", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041367"}, {"name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "refsource": "CONFIRM", "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"}, {"name": "USN-3722-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3722-1/"}, {"name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/", "refsource": "MISC", "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"}, {"name": "USN-3722-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3722-2/"}, {"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"}, {"name": "GLSA-201904-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-12"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:21:15.512Z"}, "title": "CVE Program Container", "references": [{"name": "1041367", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041367"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"}, {"name": "USN-3722-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3722-1/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"}, {"name": "USN-3722-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3722-2/"}, {"name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"}, {"name": "GLSA-201904-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201904-12"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-29T14:37:29.272393Z", "id": "CVE-2018-0360", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T14:55:17.564Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0360", "datePublished": "2018-07-16T17:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-11-29T14:55:17.564Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securitytracker.com/id/1041367", "name": "1041367", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://usn.ubuntu.com/3722-1/", "name": "USN-3722-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://usn.ubuntu.com/3722-2/", "name": "USN-3722-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html", "name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/201904-12", "name": "GLSA-201904-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:21:15.512Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-0360", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-29T14:37:29.272393Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-29T14:38:12.540Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "ClamAV before 0.100.1 unknown", "versions": [{"status": "affected", "version": "ClamAV before 0.100.1 unknown"}]}], "datePublic": "2018-07-16T00:00:00", "references": [{"url": "http://www.securitytracker.com/id/1041367", "name": "1041367", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://usn.ubuntu.com/3722-1/", "name": "USN-3722-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/", "tags": ["x_refsource_MISC"]}, {"url": "https://usn.ubuntu.com/3722-2/", "name": "USN-3722-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html", "name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://security.gentoo.org/glsa/201904-12", "name": "GLSA-201904-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"]}], "descriptions": [{"lang": "en", "value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "integer overflow"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2019-04-11T02:06:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "ClamAV before 0.100.1 unknown"}]}, "product_name": "ClamAV before 0.100.1 unknown"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securitytracker.com/id/1041367", "name": "1041367", "refsource": "SECTRACK"}, {"url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "refsource": "CONFIRM"}, {"url": "https://usn.ubuntu.com/3722-1/", "name": "USN-3722-1", "refsource": "UBUNTU"}, {"url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/", "name": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/", "refsource": "MISC"}, {"url": "https://usn.ubuntu.com/3722-2/", "name": "USN-3722-2", "refsource": "UBUNTU"}, {"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html", "name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", "refsource": "MLIST"}, {"url": "https://security.gentoo.org/glsa/201904-12", "name": "GLSA-201904-12", "refsource": "GENTOO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "integer overflow"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-0360", "STATE": "PUBLIC", "ASSIGNER": "psirt@cisco.com"}}}}, "cveMetadata": {"cveId": "CVE-2018-0360", "state": "PUBLISHED", "dateUpdated": "2024-11-29T14:55:17.564Z", "dateReserved": "2017-11-27T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2018-07-16T17:00:00", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*", "matchCriteriaId": "8520A23A-53E5-4D3B-BF38-05F54E1FA66D", "versionEndExcluding": "0.100.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c."}, {"lang": "es", "value": "ClamAV en versiones anteriores a la 0.100.1 tiene un desbordamiento de enteros HWP con un bucle infinito resultante mediante un archivo Hangul Word Processor manipulado. Esto es en parsehwp3_paragraph() en libclamav/hwp.c."}], "id": "CVE-2018-0360", "lastModified": "2024-11-21T03:38:03.643", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-16T17:29:00.283", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041367"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"}, {"source": "ykramarz@cisco.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201904-12"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3722-1/"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3722-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201904-12"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3722-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3722-2/"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}