Page 17 of 83 results (0.003 seconds)

CVSS: 7.5EPSS: 21%CPEs: 3EXPL: 0

CVE-2007-0897

https://notcve.org/view.php?id=CVE-2007-0897

Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. Clam AntiVirus ClamAV anterior a 0.90 no cierra los descriptores de apertura de ficheros bajo ciertas condiciones, lo cual permite a atacantes remotos provocar denegación de servicio (consumo del descriptor de fichero y fallo de escaneo) a través de archivos CAB con una longitud de registro con una cabecera cabinet(.CAB) de cero, lo cual provoca que una función retorne sin cerrar el descriptor de fichero. • http://docs.info.apple.com/article.html?artnum=307562 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=475 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.suse.com/archive/suse-security-announce/2007-Feb/0004.html http://osvdb.org/32283 http://secunia.com/advisories/24183 http://secunia.com/advisories/24187 http://secunia.com/advisories/24192 http://secunia.com/advisories/24319 http://secunia.com/advisories/24332 http:/&# • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.0EPSS: 47%CPEs: 48EXPL: 1

CVE-2006-5295 – Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." Vulnerabilidad no especificada en ClamAV anterior a 0.88.5 permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) mediante un archivo de Ayuda HTML comprimida (CHM) creado artesanalmente que hace que ClamAV lea una posición de memoria inválida. • https://www.exploit-db.com/exploits/2586 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423 http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http://secunia.com/advisories/22551 http://secunia.com/advisories/22626 http://security.gentoo.org/glsa/glsa-200610-10.xml http:/&# •

CVSS: 7.5EPSS: 36%CPEs: 48EXPL: 1

CVE-2006-4182 – Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC)

https://notcve.org/view.php?id=CVE-2006-4182

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. Desbordamiento de entero en ClamAV 0.88.1 y 0.88.4, y otras versiones anteriores a 0.88.5, permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) y ejecutar código de su elección mediante un Ejecutable Portátil (Portable Executable, PE) creado artesanalmente, que provoca un desbordamiento de búfer basado en montón cuando se ha reservado menos memoria de la esperada. • https://www.exploit-db.com/exploits/2587 http://docs.info.apple.com/article.html?artnum=304829 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http:/ •