CVSS: 8.8EPSS: 28%CPEs: 17EXPL: 0CVE-2005-2920
https://notcve.org/view.php?id=CVE-2005-2920
20 Sep 2005 — Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 •
CVSS: 6.5EPSS: 13%CPEs: 17EXPL: 0CVE-2005-2919
https://notcve.org/view.php?id=CVE-2005-2919
20 Sep 2005 — libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 23%CPEs: 3EXPL: 0CVE-2005-2450
https://notcve.org/view.php?id=CVE-2005-2450
03 Aug 2005 — Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-1923
https://notcve.org/view.php?id=CVE-2005-1923
30 Jun 2005 — The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. • http://www.debian.org/security/2005/dsa-737 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-1922
https://notcve.org/view.php?id=CVE-2005-1922
30 Jun 2005 — The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. • http://sourceforge.net/project/shownotes.php?release_id=336462 •
CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0CVE-2005-2056
https://notcve.org/view.php?id=CVE-2005-2056
28 Jun 2005 — The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. • http://secunia.com/advisories/15811 •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 1CVE-2005-1800 – Jaws Glossary 0.4/0.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-1800
28 May 2005 — Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php. • https://www.exploit-db.com/exploits/25740 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1795
https://notcve.org/view.php?id=CVE-2005-1795
27 May 2005 — The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked. La función filecopy en misc.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.85, en Mac OS, permite a atacantes remotos ejecutar código arbitrario a través de un virus en un nombre de archivo que con... • http://securitytracker.com/id?1014070 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-1711
https://notcve.org/view.php?id=CVE-2005-1711
24 May 2005 — Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. • http://securitytracker.com/id?1014030 •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2005-0133
https://notcve.org/view.php?id=CVE-2005-0133
06 Feb 2005 — ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000928 •