CVE-2009-1270
https://notcve.org/view.php?id=CVE-2009-1270
libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang. libclamav/untar.c en ClamAV anteriores a v0.95 permite a atacantes remotos provocar una denegación de servicio (buble infinito) a través de un fichero manipulado que provoca que se cuelguen (1) clamd y (2) clamscan. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/53461 http://secunia.com/advisories/34716 http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.debian.org/security/2009/dsa-1771 http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 http://www.openwall.com/lists/oss-security/2009/04/07/6 http://www.securityfocus.com/bid/34357 http://www.ubuntu.com/usn/usn-754-1 http://www.vupen • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2009-1241
https://notcve.org/view.php?id=CVE-2009-1241
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive. Vulnerabilidad inespecífica en ClamAV en versiones anteriores a v0.95 lo que permite a atacantes remotos evitar la detección de malware a través de un archivo RAR modificado. • http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 http://www.openwall.com/lists/oss-security/2009/04/07/6 http://www.securityfocus.com/archive/1/502366/100/0/threaded http •
CVE-2008-5525
https://notcve.org/view.php?id=CVE-2008-5525
ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. ClamAV v0.94.1 y posiblemente v0.93.1, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML colocando una cabecera MZ (alias "EXE info") al principio, y modificar el nombre del archivo a (1 ) sin extensión, (2) una extensión. txt, o (3) una extensión .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745. • http://securityreason.com/securityalert/4723 http://www.securityfocus.com/archive/1/498995/100/0/threaded http://www.securityfocus.com/archive/1/499043/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 • CWE-20: Improper Input Validation •
CVE-2008-5314 – ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-5314
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions. Vulnerabilidad de consumo de pila en el archivo libclamav/special.c en ClamAV y versiones anteriores 0.94.2, que permite a los atacantes remotos causar una denegación de servicios (caída de demonio) a través de un archivo JPEG manipulado, relativo a las funciones cli_check_jpeg_exploit, jpeg_check_photoshop y jpeg_check_photoshop_8bim. • https://www.exploit-db.com/exploits/7330 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html http://osvdb.org/50363 http://secunia.com/advisories/32926 http://secunia.com/advisories/32936 http://secunia.com/advisories/33016 http://secunia.com/advisories/33195 http://secunia.com/advisories/33317 http://secunia.com/advis • CWE-399: Resource Management Errors •
CVE-2008-5050
https://notcve.org/view.php?id=CVE-2008-5050
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow. Error de superación de límite en la función get_unicode_name (libclamav/vba_extract.c) en Clam Anti-Virus (ClamAV) antes de v0.94.1 permite a atacantes remotos provocar una denegación de servicio (caída) y puede que ejecutar código de su elección mediante un archivo de proyecto VBA manipulado lo que dispara un desbordamiento de búfer basado en montículo. • http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-November/065530.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32663 http://secunia.com/advisories/32699 http://secunia.com/advisories/32765 http://secunia.com/advisories/32872 http://secunia.com/advisories/33016 http://secunia.com/advisories/33317 http://secunia.com/advisories/33937 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •