ClamAV Cascading Style Sheets Image Parsing Error Handling Denial of Service Vulnerability
Summary
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the scanning process. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulne…
- Release Secure Endpoint Connector for Linux (first fixed: 1.28.11)
- Release Secure Endpoint Connector for Mac (first fixed: 1.27.21)
- Release Secure Endpoint Connector for Windows (first fixed: 8.6.01)
- Release Secure Endpoint Private Cloud (first fixed: 4.2.7 or earlier with updated connectors2)
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- 1.28.11
- 1.27.21
- 8.6.01
- 4.2.7 or earlier with updated connectors2
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release Secure Endpoint Connector for Linux: upgrade to 1.28.11.
- Release Secure Endpoint Connector for Mac: upgrade to 1.27.21.
- Release Secure Endpoint Connector for Windows: upgrade to 8.6.01.
- Release Secure Endpoint Private Cloud: upgrade to 4.2.7 or earlier with updated connectors2.
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.