Page 17 of 89 results (0.055 seconds)

CVSS: 5.0EPSS: 8%CPEs: 22EXPL: 0

Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. Clam AntiVirus (ClamAV) 0.88 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un adjunto MIME codificado-base64 mal formado que dispara una referencia a puntero null. • http://secunia.com/advisories/23327 http://secunia.com/advisories/23362 http://secunia.com/advisories/23411 http://www.debian.org/security/2006/dsa-1232 http://www.mandriva.com/security/advisories?name=MDKSA-2006:230 http://www.novell.com/linux/security/advisories/2006_78_clamav.html http://www.securityfocus.com/bid/21510 •

CVSS: 5.0EPSS: 47%CPEs: 48EXPL: 1

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." Vulnerabilidad no especificada en ClamAV anterior a 0.88.5 permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) mediante un archivo de Ayuda HTML comprimida (CHM) creado artesanalmente que hace que ClamAV lea una posición de memoria inválida. • https://www.exploit-db.com/exploits/2586 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423 http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http://secunia.com/advisories/22551 http://secunia.com/advisories/22626 http://security.gentoo.org/glsa/glsa-200610-10.xml http:/&# •

CVSS: 7.5EPSS: 36%CPEs: 48EXPL: 1

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. Desbordamiento de entero en ClamAV 0.88.1 y 0.88.4, y otras versiones anteriores a 0.88.5, permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) y ejecutar código de su elección mediante un Ejecutable Portátil (Portable Executable, PE) creado artesanalmente, que provoca un desbordamiento de búfer basado en montón cuando se ha reservado menos memoria de la esperada. • https://www.exploit-db.com/exploits/2587 http://docs.info.apple.com/article.html?artnum=304829 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http:/ •

CVSS: 7.5EPSS: 87%CPEs: 19EXPL: 3

Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. Desbordamiento de búfer basado en montón en la función pefromupx en libclamav/upx.c en Clam AntiVirus (ClamAV) 0.81 hasta 0.88.3 permite a atacantes remotos ejecutar código de su elección mediante un archivo empaquetado UPX manipulado que contiene secciones con valores grandes de rsize. • https://www.exploit-db.com/exploits/28348 http://kolab.org/security/kolab-vendor-notice-10.txt http://secunia.com/advisories/21368 http://secunia.com/advisories/21374 http://secunia.com/advisories/21433 http://secunia.com/advisories/21443 http://secunia.com/advisories/21457 http://secunia.com/advisories/21497 http://secunia.com/advisories/21562 http://security.gentoo.org/glsa/glsa-200608-13.xml http://securitytracker.com/id?1016645 http://www.clamav.net/security/0.88&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1

freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file. • http://secunia.com/advisories/20085 http://securityreason.com/securityalert/912 http://securitytracker.com/id?1016086 http://www.digitalmunition.com/DMA%5B2006-0514a%5D.txt http://www.securityfocus.com/archive/1/434008/100/0/threaded http://www.vupen.com/english/advisories/2006/1807 https://exchange.xforce.ibmcloud.com/vulnerabilities/26453 •