CVE-2006-5295 – Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-5295
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." Vulnerabilidad no especificada en ClamAV anterior a 0.88.5 permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) mediante un archivo de Ayuda HTML comprimida (CHM) creado artesanalmente que hace que ClamAV lea una posición de memoria inválida. • https://www.exploit-db.com/exploits/2586 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423 http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http://secunia.com/advisories/22551 http://secunia.com/advisories/22626 http://security.gentoo.org/glsa/glsa-200610-10.xml http:/ •
CVE-2006-4182 – Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-4182
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. Desbordamiento de entero en ClamAV 0.88.1 y 0.88.4, y otras versiones anteriores a 0.88.5, permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) y ejecutar código de su elección mediante un Ejecutable Portátil (Portable Executable, PE) creado artesanalmente, que provoca un desbordamiento de búfer basado en montón cuando se ha reservado menos memoria de la esperada. • https://www.exploit-db.com/exploits/2587 http://docs.info.apple.com/article.html?artnum=304829 http://kolab.org/security/kolab-vendor-notice-13.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http:/ •
CVE-2006-4018 – Clam Anti-Virus ClamAV 0.88.x - UPX Compressed PE File Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4018
Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. Desbordamiento de búfer basado en montón en la función pefromupx en libclamav/upx.c en Clam AntiVirus (ClamAV) 0.81 hasta 0.88.3 permite a atacantes remotos ejecutar código de su elección mediante un archivo empaquetado UPX manipulado que contiene secciones con valores grandes de rsize. • https://www.exploit-db.com/exploits/28348 http://kolab.org/security/kolab-vendor-notice-10.txt http://secunia.com/advisories/21368 http://secunia.com/advisories/21374 http://secunia.com/advisories/21433 http://secunia.com/advisories/21443 http://secunia.com/advisories/21457 http://secunia.com/advisories/21497 http://secunia.com/advisories/21562 http://security.gentoo.org/glsa/glsa-200608-13.xml http://securitytracker.com/id?1016645 http://www.clamav.net/security/0.88 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-2427
https://notcve.org/view.php?id=CVE-2006-2427
freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file. • http://secunia.com/advisories/20085 http://securityreason.com/securityalert/912 http://securitytracker.com/id?1016086 http://www.digitalmunition.com/DMA%5B2006-0514a%5D.txt http://www.securityfocus.com/archive/1/434008/100/0/threaded http://www.vupen.com/english/advisories/2006/1807 https://exchange.xforce.ibmcloud.com/vulnerabilities/26453 •
CVE-2006-1989
https://notcve.org/view.php?id=CVE-2006-1989
Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers. • http://kolab.org/security/kolab-vendor-notice-09.txt http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html http://secunia.com/advisories/19874 http://secunia.com/advisories/19880 http://secunia.com/advisories/19912 http://secunia.com/advisories/19963 http://secunia.com/advisories/19964 http://secunia.com/advisories/20117 http://secunia.com/advisories/20159 http://secunia.com/advisories/ •