CVSS: 5.5EPSS: 7%CPEs: 5EXPL: 0CVE-2015-2170 – Ubuntu Security Notice USN-2594-1
https://notcve.org/view.php?id=CVE-2015-2170
04 May 2015 — The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. El decodificador upx en ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegación de servicio (caída) a través de un fichero manipulado. It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation... • http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 8%CPEs: 5EXPL: 0CVE-2015-2221 – Ubuntu Security Notice USN-2594-1
https://notcve.org/view.php?id=CVE-2015-2221
04 May 2015 — ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file. ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un fichero cryptor y0da manipulado. It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation... • http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 7%CPEs: 5EXPL: 0CVE-2015-2222 – Ubuntu Security Notice USN-2594-1
https://notcve.org/view.php?id=CVE-2015-2222
04 May 2015 — ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file. ClamAV anterior a 0.98.7 permite a atacantes remotos causar una denegación de servicio (caída) a través de un fichero empaquetado con Petite manipulado. It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, atta... • http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 7%CPEs: 5EXPL: 0CVE-2015-2668 – Ubuntu Security Notice USN-2594-1
https://notcve.org/view.php?id=CVE-2015-2668
04 May 2015 — ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. ClamAV en versiones anteriores a 0.98.7 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un fichero del archivo xz. It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default instal... • http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-1461 – Gentoo Linux Security Advisory 201512-08
https://notcve.org/view.php?id=CVE-2015-1461
03 Feb 2015 — ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition." ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a través de un fichero de empaquetador (1) Yoda's crypter o (2) mew manipulado, relacionado con una 'condición de memoria dinámica fuera de rango.' Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions le... • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-1462 – Gentoo Linux Security Advisory 201512-08
https://notcve.org/view.php?id=CVE-2015-1462
03 Feb 2015 — ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition." ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a través de un fichero de empaquetador upx manipulado, relacionado con una 'condición de memoria dinámica fuera de rango.' Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected. • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-1463 – Gentoo Linux Security Advisory 201512-08
https://notcve.org/view.php?id=CVE-2015-1463
03 Feb 2015 — ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization." ClamAV anterior a 0.98.6 permite a atacantes remotos causar una denegación de servicio (caída) a través de un fichero de empaquetador 'petite' (petite packer) manipulado, relacionado con una 'optimización del compilador incorrecta.' Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.... • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 6%CPEs: 3EXPL: 0CVE-2014-9328 – Mandriva Linux Security Advisory 2015-042
https://notcve.org/view.php?id=CVE-2014-9328
02 Feb 2015 — ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a través de un fichero de desempaquetar el empaquetador (upack packer) manipulado, relacionado con una 'condición de memoria dinámica fuera de rango.' ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them Fix a heap out of bounds condition with crafted Yoda's ... • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 5%CPEs: 99EXPL: 1CVE-2014-9050 – Gentoo Linux Security Advisory 201412-05
https://notcve.org/view.php?id=CVE-2014-9050
27 Nov 2014 — Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file. El desbordamiento de búfer en la región heap de la memoria en la función cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versión 0.98.5, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de un archivo y0da Crypter PE diseñado. Kurt Seifried discovered that ClamAV incorr... • http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6497 – Mandriva Linux Security Advisory 2014-217
https://notcve.org/view.php?id=CVE-2013-6497
20 Nov 2014 — clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file. clamscan en ClamAV anterior a 0.98.5, cuando utiliza la opción -a, permite a atacantes remotos causar una denegación de servicio (caída) como fue demostrado por el fichero jwplayer.js. Kurt Seifried discovered that ClamAV incorrectly handled certain JavaScript files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a den... • http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html • CWE-17: DEPRECATED: Code •