Vulnerability Name:

CVE-2005-0218 (CCN-19319)

Assigned:2005-01-19
Published:2005-01-19
Updated:2008-09-10
Summary:ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2005-0218

Source: FULLDISC
Type: UNKNOWN
20050110 Multi-vendor AV gateway image inspection bypass vulnerability

Source: FULLDISC
Type: UNKNOWN
20050114 Re: Multi-vendor AV gateway image inspection bypass vulnerability

Source: CCN
Type: SA13900
Clam AntiVirus RFC2397 Bypass Weakness

Source: SECUNIA
Type: Vendor Advisory
13900

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/project/shownotes.php?release_id=300116

Source: CCN
Type: Clam AntiVirus Web site
Clam AntiVirus

Source: CCN
Type: GLSA-200501-46
ClamAV: Multiple issues

Source: GENTOO
Type: Patch
GLSA-200501-46

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:025

Source: CCN
Type: OSVDB ID: 13045
Multiple ProductsRFC2397 Encoded Image Scan Bypass

Source: XF
Type: UNKNOWN
clamantivirus-image-bypass-security(19319)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:clam_anti-virus:clamav:0.51:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.52:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.54:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.60:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.67:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.68:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.68.1:*:*:*:*:*:*:*
  • OR cpe:/a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    clam_anti-virus clamav 0.51
    clam_anti-virus clamav 0.52
    clam_anti-virus clamav 0.53
    clam_anti-virus clamav 0.54
    clam_anti-virus clamav 0.60
    clam_anti-virus clamav 0.65
    clam_anti-virus clamav 0.67
    clam_anti-virus clamav 0.68
    clam_anti-virus clamav 0.68.1
    clam_anti-virus clamav 0.80