Filtered by vendor Clamav
Subscribe
Total
91 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-6845 | 1 Clamav | 1 Clamav | 2023-12-10 | 5.0 MEDIUM | N/A |
The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file. | |||||
CVE-2008-3912 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | |||||
CVE-2009-1371 | 1 Clamav | 1 Clamav | 2023-12-10 | 5.0 MEDIUM | N/A |
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding. | |||||
CVE-2008-5525 | 2 Clamav, Microsoft | 2 Clamav, Internet Explorer | 2023-12-10 | 9.3 HIGH | N/A |
ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | |||||
CVE-2009-1372 | 1 Clamav | 1 Clamav | 2023-12-10 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | |||||
CVE-2009-1270 | 3 Canonical, Clamav, Debian | 3 Ubuntu Linux, Clamav, Debian Linux | 2023-12-10 | 7.8 HIGH | N/A |
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang. | |||||
CVE-2008-0728 | 1 Clamav | 1 Clamav | 2023-12-10 | 10.0 HIGH | N/A |
The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption." | |||||
CVE-2007-2650 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2023-12-10 | 4.3 MEDIUM | N/A |
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file. | |||||
CVE-2006-1615 | 1 Clamav | 1 Clamav | 2023-12-10 | 10.0 HIGH | N/A |
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly. | |||||
CVE-2005-3501 | 1 Clamav | 1 Clamav | 2023-12-10 | 4.3 MEDIUM | N/A |
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length. | |||||
CVE-2006-4018 | 1 Clamav | 1 Clamav | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. |