Page 19 of 152 results (0.012 seconds)

CVSS: 5.0EPSS: 13%CPEs: 57EXPL: 1

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. libclamav/petite.c de ClamAV versiones anteriores a 0.93.1 permite a atacantes remotos provocar una denegación de servicio a través de un fichero Petite manipulado que dispara una lectura fuera del límite. • http://kolab.org/security/kolab-vendor-notice-21.txt http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html http://secunia.com/advisories/30657 http://secunia.com/advisories/30785 http://secunia.com/advisories/30829 http://secunia.com/advisories/30967 http://secunia.com/advisories/31091 http://secunia.com/advisories/ • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 5%CPEs: 8EXPL: 0

The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read. La función rfc2231 en message.c en libclamav de ClamAV anterior 0.93, permite a atacantes remotos causar una denegación de servicio (caída) a través de un mensaje manipulado que produce una cadena que no termina en null, lo que inicia un desbordamiento de búfer de lectura. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html http://secunia.com/advisories/29891 http://secunia.com/advisories/30253 http://secunia.com/advisories/30328 http://secunia.com/advisories/31576 http://secunia.com/advisories/31882 http://security.gentoo.org/glsa/glsa-200805-19.xml http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html http://www.mandriva.com/security&# •

CVSS: 5.0EPSS: 1%CPEs: 64EXPL: 0

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar. ClamAV antes de 0.93 permite a atacantes remotos evitar el motor de escanéo a través de un archivo RAR con un número de versión no válido, que no puede ser analizado por ClamAV pero que puede ser extraído por Winrar. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html http://secunia.com/advisories/29891 http://secunia.com/advisories/30328 http://secunia.com/advisories/31576 http://secunia.com/advisories/31882 http://security.gentoo.org/glsa/glsa-200805-19.xml http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 http: • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 8%CPEs: 64EXPL: 0

libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats. libclamunrar de ClamAV before 0.93 permite a atacantes remotos provocar una denegación de servicio (caída) a través de ficheros RAR manipulados que disparan "problemas de memoria", tal como lo demostrado por el paquete de pruebas PROTOS GENOME de Archive Formats. • http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html http://secunia.com/advisories/29891 http://secunia.com/advisories/30328 http://secunia.com/advisories/31576 http://secunia.com/advisories/31882 http://security.gentoo.org/glsa/glsa-200805-19.xml http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 http: • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 1

Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary. Desbordamiento de búfer basado en montículo en libclamav de ClamAV 0.92.1 permite a atacantes remotos ejecutar código de su elección a través de binarios PE comprimidos con WWPack manipulados. • http://kolab.org/security/kolab-vendor-notice-20.txt http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=687 http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html http://secunia.com/advisories/29863 http://secunia.com/advisories/29891 http://secunia.com/advisories/29975 http://secunia.com/advisories/30328 http://secunia.com/advisories/31576 http://secunia.com/advisories/31882 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •