Page 5 of 61 results (0.006 seconds)

CVSS: 7.8EPSS: 28%CPEs: 30EXPL: 0

10 Jan 2006 — Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Clam AntiVirus installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within libclamav/upx.c during the unpacking of executable files compressed with UPX. Due to an invalid siz... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html •

CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0

16 Nov 2005 — Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. • http://sourceforge.net/project/shownotes.php?release_id=368319 •

CVSS: 7.8EPSS: 9%CPEs: 11EXPL: 0

05 Nov 2005 — The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. • http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html •

CVSS: 5.5EPSS: 5%CPEs: 33EXPL: 0

05 Nov 2005 — The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block. • http://secunia.com/advisories/17184 •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

14 Oct 2005 — Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •

CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0

14 Oct 2005 — The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333566 •

CVSS: 6.5EPSS: 2%CPEs: 17EXPL: 0

20 Sep 2005 — libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •

CVSS: 8.8EPSS: 14%CPEs: 17EXPL: 0

20 Sep 2005 — Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 •

CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 0

03 Aug 2005 — Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

30 Jun 2005 — The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. • http://sourceforge.net/project/shownotes.php?release_id=336462 •