libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
{
"cpe": "cpe:2.3:a:clamav:clamav:0.99.2:*:*:*:*:*:*:*",
"source": "CPE_STRING",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "0.99.2"
}
]
}"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6418.json"
[
{
"digest": {
"length": 1064.0,
"function_hash": "8411924773331322618058653145915899983"
},
"source": "https://github.com/cisco-talos/clamav/commit/586a5180287262070637c8943f2f7efd652e4a2c",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-6418-8e38158c",
"signature_version": "v1",
"target": {
"file": "libclamav/message.c",
"function": "messageFindArgument"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"81931090794367225593898439055161933938",
"167980574969179440687084582597496753902",
"55448340559487015224720964135014407383",
"38589169098278769608933629461838857826",
"172726005500348110301429670464002460835",
"36647451159828582513517242816843091264",
"192655131298326637061029023059490605418",
"163648590445410673071781345614646550543",
"276871485249595305150905337292995692585"
]
},
"source": "https://github.com/cisco-talos/clamav/commit/586a5180287262070637c8943f2f7efd652e4a2c",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2017-6418-9cdcd390",
"signature_version": "v1",
"target": {
"file": "libclamav/message.c"
}
},
{
"digest": {
"length": 1512.0,
"function_hash": "203584271026814593334015189844539459788"
},
"source": "https://github.com/cisco-talos/clamav/commit/586a5180287262070637c8943f2f7efd652e4a2c",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2017-6418-ddca6c31",
"signature_version": "v1",
"target": {
"file": "libclamav/message.c",
"function": "messageAddArgument"
}
}
]
"2026-07-07T19:26:05Z"