Page 24 of 131 results (0.004 seconds)

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0

Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •

CVSS: 7.5EPSS: 27%CPEs: 17EXPL: 0

Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.kb.cert.org/vuls/id/363713 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19506 http://www.securityfocus.com/bid/14866 http://www.vupen.com/english/advisories/2005/1774 https: •

CVSS: 5.0EPSS: 8%CPEs: 17EXPL: 0

libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 http://sourceforge.net/project/shownotes.php?release_id=356974 http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:166 http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.osvdb.org/19507 http://www.securityfocus.com/bid/14867 http://www.vupen.com/english/advisories&# • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 23%CPEs: 3EXPL: 0

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 http://marc.info/?l=bugtraq&m=112230864412932&w=2 http://secunia.com/advisories/16180 http://secunia.com/advisories/16229 http://secunia.com/advisories/16250 http://secunia.com/advisories/16296 http://secunia.com/advisories/16458 http://security.gentoo.org/glsa/glsa-200507-25.xml http://sourceforge.net/project/shownotes.php?release_id=344514 http://www.novell.com/linux/security/advisories/2005_18_sr.html http&# •

CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0

The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. • http://sourceforge.net/project/shownotes.php?release_id=336462 http://www.debian.org/security/2005/dsa-737 http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true •