CVSS: 7.5EPSS: 16%CPEs: 11EXPL: 0CVE-2005-3303
https://notcve.org/view.php?id=CVE-2005-3303
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. • http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html http://secunia.com/advisories/17184 http://secunia.com/advisories/17434 http://secunia.com/advisories/17448 http://secunia.com/advisories/17451 http://secunia.com/advisories/17501 http://secunia.com/advisories/17559 http://securityreason.com/securityalert/146 http://securitytracker.com/id?1015154 http://sourceforge.net/project/shownotes.php?release_id=368319 http://www.debian.org/security/2005/dsa-887 http://www. •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3229
https://notcve.org/view.php?id=CVE-2005-3229
Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •
CVSS: 5.0EPSS: 8%CPEs: 17EXPL: 0CVE-2005-2919
https://notcve.org/view.php?id=CVE-2005-2919
libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:166 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19507 http://www.securityfocus.com/bid/14867 http://www.vupen.com/english/advisories&# • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 27%CPEs: 17EXPL: 0CVE-2005-2920
https://notcve.org/view.php?id=CVE-2005-2920
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.kb.cert.org/vuls/id/363713 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19506 http://www.securityfocus.com/bid/14866 http://www.vupen.com/english/advisories/2005/1774 https: •
CVSS: 7.5EPSS: 23%CPEs: 3EXPL: 0CVE-2005-2450
https://notcve.org/view.php?id=CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 http://marc.info/?l=bugtraq&m=112230864412932&w=2 http://secunia.com/advisories/16180 http://secunia.com/advisories/16229 http://secunia.com/advisories/16250 http://secunia.com/advisories/16296 http://secunia.com/advisories/16458 http://security.gentoo.org/glsa/glsa-200507-25.xml http://sourceforge.net/project/shownotes.php?release_id=344514 http://www.novell.com/linux/security/advisories/2005_18_sr.html http&# •