CVE-2021-1405
HIGH
Published 2021-04-08T04:30:14.596976Z
Actions:
CVSS Score
V3.1
7.5
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score Metrics
Exploitability: N/A
Impact: N/A
EPSS Score
v2023.03.01
0.005
probability
of exploitation in the wild
There is a 0.5% chance that this vulnerability will be exploited in the wild within the next 30 days.
Updated: 2025-01-25
Exploit Probability
Percentile: 0.757
Higher than 75.7% of all CVEs
Attack Vector Metrics
Impact Metrics
Description
A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
References
Published: 2021-04-08T04:30:14.596976Z
Last Modified: 2024-11-08T23:25:38.707Z
Copied to clipboard!