Page 26 of 131 results (0.013 seconds)

CVSS: 5.0EPSS: 6%CPEs: 10EXPL: 0

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. • http://seclists.org/lists/fulldisclosure/2005/Jan/0332.html http://seclists.org/lists/fulldisclosure/2005/Jan/0537.html http://secunia.com/advisories/13900 http://sourceforge.net/project/shownotes.php?release_id=300116 http://www.gentoo.org/security/en/glsa/glsa-200501-46.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:025 •

CVSS: 5.0EPSS: 1%CPEs: 10EXPL: 0

ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000928 http://sourceforge.net/project/shownotes.php?release_id=300116 http://www.gentoo.org/security/en/glsa/glsa-200501-46.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:025 http://www.trustix.org/errata/2005/0003 •

CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 0

Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. • http://freshmeat.net/projects/clamav/?branch_id=29355&release_id=154462 http://secunia.com/advisories/11177 http://security.gentoo.org/glsa/glsa-200404-07.xml http://www.securityfocus.com/bid/9897 https://exchange.xforce.ibmcloud.com/vulnerabilities/15553 •

CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 2

libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program. libclamav de Clam AntiVirus 0.65 permite a atacantes remotos causar una denegación de servicio (caída) mediante un mensaje de correo electrónico con codificación uu con una longitud de línea inválida (por ejemplo, un carácter en minúsculas), lo que causa un error de asercíón en clamd que termina al programa llamante. • https://www.exploit-db.com/exploits/23667 http://marc.info/?l=bugtraq&m=107634700823822&w=2 http://security.gentoo.org/glsa/glsa-200402-07.xml http://www.freebsd.org/cgi/query-pr.cgi?pr=62586 http://www.osvdb.org/3894 http://www.securityfocus.com/bid/9610 https://exchange.xforce.ibmcloud.com/vulnerabilities/15077 •

CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 1

The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name. • http://marc.info/?l=bugtraq&m=108066864608615&w=2 http://secunia.com/advisories/11253 http://security.gentoo.org/glsa/glsa-200405-03.xml http://www.securityfocus.com/bid/10007 https://exchange.xforce.ibmcloud.com/vulnerabilities/15692 •