CVSS: 6.2EPSS: 91%CPEs: 35EXPL: 0CVE-2012-1459
https://notcve.org/view.php?id=CVE-2012-1459
21 Mar 2012 — The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, ... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 43EXPL: 0CVE-2011-3627
https://notcve.org/view.php?id=CVE-2011-3627
17 Nov 2011 — The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. El motor de código de bytes en ClamAV anterior a v0.97.3 permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con el "nivel de recursividad" y (1) libclamav / bytecode.c y (2) libclamav / bytecode_api.c. • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 3%CPEs: 117EXPL: 0CVE-2011-2721
https://notcve.org/view.php?id=CVE-2011-2721
05 Aug 2011 — Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. Error "off-by-one" (desbordamiento en un elemento del array) en la función cli_hm_scan de matcher-hash.c de libclamav de ClamAV en versiones anteriores a la 0.97.2 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 6%CPEs: 114EXPL: 0CVE-2011-1003
https://notcve.org/view.php?id=CVE-2011-1003
23 Feb 2011 — Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information. Doble vulnerabilidad libre en la función vba_read_project_strings en vba_extract.c en libclamav en ClamAV anterior a v0.97, podría permitir a atacantes remotos ejecutar código arbitr... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob%3Bf=ChangeLog%3Bhb=clamav-0.97 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 6%CPEs: 113EXPL: 0CVE-2010-4260
https://notcve.org/view.php?id=CVE-2010-4260
07 Dec 2010 — Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396." Múltiples vulnerabilidades no especificadas en pdf.c en libclamav en ClamAV, en versiones anteriores a la 0.96.5, permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código de su elección median... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master •
CVSS: 9.8EPSS: 6%CPEs: 113EXPL: 0CVE-2010-4261
https://notcve.org/view.php?id=CVE-2010-4261
07 Dec 2010 — Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. Error Off-by-oneen en la función icon_cb en pe_icons.c en libclamav en ClamAV anterior v0.96.5 permite a atacantes remotos causar una denegación de servicio (caída memoria y caída de aplicación)... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 5%CPEs: 113EXPL: 0CVE-2010-4479
https://notcve.org/view.php?id=CVE-2010-4479
07 Dec 2010 — Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260. Vulnerabilidad no especificada en pdf.c en libclamav en ClamAV antes de v0.96.5 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un documento PDF debidam... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=master •
CVSS: 9.3EPSS: 10%CPEs: 100EXPL: 0CVE-2010-3434
https://notcve.org/view.php?id=CVE-2010-3434
30 Sep 2010 — Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en la función find_stream_bounds en pdf.c en libclamav en ClamAV, en versiones anteriores a la 0.96.3, permite a atacantes remotos provocar una denegación de servicio (caída de la apli... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 3%CPEs: 94EXPL: 0CVE-2010-1639
https://notcve.org/view.php?id=CVE-2010-1639
26 May 2010 — The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. La función cli_pdf en libclamav/pdf.c en ClamAV anterior v0.96.1 permite a atacantes remotos causar una denegación de servicio (caída) a través de un archivo PDF manipulado, relacionado con una inconsistencia en la longitud de cadena calculada y la longuitud real de la cad... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=f0eb394501ec21b9fe67f36cbf5db788711d4236#patch2 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2010-1640
https://notcve.org/view.php?id=CVE-2010-1640
26 May 2010 — Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. Error de superación de límite (Off-by-one) en la función parseicon en libclamav/pe_icons.c in ClamAV v0.96 permite a atacantes remotos causar una denegación de servicio (caída) a través de un icono manipulado PE que lanza una lectura fuera de límites, relacionado c... • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.96.1 • CWE-189: Numeric Errors •