Page 19 of 96 results (0.011 seconds)

CVSS: 7.5EPSS: 14%CPEs: 11EXPL: 0

The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. • http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html http://secunia.com/advisories/17184 http://secunia.com/advisories/17434 http://secunia.com/advisories/17448 http://secunia.com/advisories/17451 http://secunia.com/advisories/17501 http://secunia.com/advisories/17559 http://securityreason.com/securityalert/146 http://securitytracker.com/id?1015154 http://sourceforge.net/project/shownotes.php?release_id=368319 http://www.debian.org/security/2005/dsa-887 http://www. •

CVSS: 7.5EPSS: 27%CPEs: 17EXPL: 0

Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.kb.cert.org/vuls/id/363713 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19506 http://www.securityfocus.com/bid/14866 http://www.vupen.com/english/advisories/2005/1774 https: •

CVSS: 5.0EPSS: 8%CPEs: 17EXPL: 0

libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:166 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19507 http://www.securityfocus.com/bid/14867 http://www.vupen.com/english/advisories&# • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked. La función filecopy en misc.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.85, en Mac OS, permite a atacantes remotos ejecutar código arbitrario a través de un virus en un nombre de archivo que contiene metacaractéres shell, que no son manejados adecuadamente cuando permisos HFS impiden que el archivo sea borrado y el mismo se invoca. • http://securitytracker.com/id?1014070 http://www.sentinelchicken.com/advisories/clamav • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 6%CPEs: 10EXPL: 0

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. • http://seclists.org/lists/fulldisclosure/2005/Jan/0332.html http://seclists.org/lists/fulldisclosure/2005/Jan/0537.html http://secunia.com/advisories/13900 http://sourceforge.net/project/shownotes.php?release_id=300116 http://www.gentoo.org/security/en/glsa/glsa-200501-46.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:025 •