CVSS: 7.5EPSS: 23%CPEs: 3EXPL: 0CVE-2005-2450
https://notcve.org/view.php?id=CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 http://marc.info/?l=bugtraq&m=112230864412932&w=2 http://secunia.com/advisories/16180 http://secunia.com/advisories/16229 http://secunia.com/advisories/16250 http://secunia.com/advisories/16296 http://secunia.com/advisories/16458 http://security.gentoo.org/glsa/glsa-200507-25.xml http://sourceforge.net/project/shownotes.php?release_id=344514 http://www.novell.com/linux/security/advisories/2005_18_sr.html http&# •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2005-1922
https://notcve.org/view.php?id=CVE-2005-1922
The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. • http://sourceforge.net/project/shownotes.php?release_id=336462 http://www.debian.org/security/2005/dsa-737 http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true •
CVSS: 2.6EPSS: 0%CPEs: 5EXPL: 0CVE-2005-1923
https://notcve.org/view.php?id=CVE-2005-1923
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. • http://www.debian.org/security/2005/dsa-737 http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities •
CVSS: 2.6EPSS: 2%CPEs: 3EXPL: 0CVE-2005-2056
https://notcve.org/view.php?id=CVE-2005-2056
The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. • http://secunia.com/advisories/15811 http://sourceforge.net/project/shownotes.php?release_id=337279 http://www.debian.org/security/2005/dsa-737 http://www.gentoo.org/security/en/glsa/glsa-200506-23.xml http://www.novell.com/linux/security/advisories/2005_38_clamav.html http://www.securityfocus.com/bid/14058 •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 1CVE-2005-1800 – Jaws Glossary 0.4/0.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-1800
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php. • https://www.exploit-db.com/exploits/25740 http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/034354.html http://www.securityfocus.com/bid/13796 •