Page 8 of 84 results (0.011 seconds)

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition." ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a través de un fichero de empaquetador upx manipulado, relacionado con una 'condición de memoria dinámica fuera de rango.' • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html http://secunia.com/advisories/62536 http://securitytracker.com/id/1031672 https://security.gentoo.org/glsa/201512-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0

ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization." ClamAV anterior a 0.98.6 permite a atacantes remotos causar una denegación de servicio (caída) a través de un fichero de empaquetador 'petite' (petite packer) manipulado, relacionado con una 'optimización del compilador incorrecta.' • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html https://security.gentoo.org/glsa/201512-08 • CWE-17: DEPRECATED: Code •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." ClamAV anterior a 0.98.6 permite a atacantes remotos tener un impacto no especificado a través de un fichero de desempaquetar el empaquetador (upack packer) manipulado, relacionado con una 'condición de memoria dinámica fuera de rango.' • http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://secunia.com/advisories/62536 http://secunia.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 12%CPEs: 99EXPL: 1

Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file. El desbordamiento de búfer en la región heap de la memoria en la función cli_scanpe en el archivo libclamav/pe.c en ClamAV anterior a versión 0.98.5, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de un archivo y0da Crypter PE diseñado. • http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html http://secunia.com/advisories/59645 http://secunia.com/advisories/62542 http://www.openwall.com/lists/oss-security/2014/11&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.1EPSS: 11%CPEs: 1EXPL: 0

clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file. clamscan en ClamAV anterior a 0.98.5, cuando utiliza la opción -a, permite a atacantes remotos causar una denegación de servicio (caída) como fue demostrado por el fichero jwplayer.js. • http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html http://secunia.com/advisories/59645 http://secu • CWE-17: DEPRECATED: Code •