CVSS: 5.5EPSS: 5%CPEs: 33EXPL: 0CVE-2005-3500
https://notcve.org/view.php?id=CVE-2005-3500
05 Nov 2005 — The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block. • http://secunia.com/advisories/17184 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3229
https://notcve.org/view.php?id=CVE-2005-3229
14 Oct 2005 — Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2005-3239
https://notcve.org/view.php?id=CVE-2005-3239
14 Oct 2005 — The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333566 •
CVSS: 6.5EPSS: 2%CPEs: 17EXPL: 0CVE-2005-2919
https://notcve.org/view.php?id=CVE-2005-2919
20 Sep 2005 — libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. libclamav/fsg.c en Clam AntiVirus (ClamAV) en versiones anteriores a 0.87 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un ejecutable empaquetado FSG . • http://secunia.com/advisories/16848 • CWE-17: DEPRECATED: Code CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 14%CPEs: 17EXPL: 0CVE-2005-2920
https://notcve.org/view.php?id=CVE-2005-2920
20 Sep 2005 — Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. • http://secunia.com/advisories/16848 •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 0CVE-2005-2450
https://notcve.org/view.php?id=CVE-2005-2450
03 Aug 2005 — Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. Múltiples desbordamientos de búfer en los procesadores de formato de fichero NEF, CHM y FSG en libclamav for Clam AntiVirus (ClamAV) 0.86.1 y anteriores permite que atacantes remotos ganen privilegios mediante un e-mail amañado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000987 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-1922
https://notcve.org/view.php?id=CVE-2005-1922
30 Jun 2005 — The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. • http://sourceforge.net/project/shownotes.php?release_id=336462 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-1923
https://notcve.org/view.php?id=CVE-2005-1923
30 Jun 2005 — The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. • http://www.debian.org/security/2005/dsa-737 •
CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0CVE-2005-2056
https://notcve.org/view.php?id=CVE-2005-2056
28 Jun 2005 — The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. • http://secunia.com/advisories/15811 •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 1CVE-2005-1800 – Jaws Glossary 0.4/0.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-1800
28 May 2005 — Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php. • https://www.exploit-db.com/exploits/25740 •