CVSS: 7.5EPSS: 6%CPEs: 22EXPL: 0CVE-2006-5874
https://notcve.org/view.php?id=CVE-2006-5874
10 Dec 2006 — Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. Clam AntiVirus (ClamAV) 0.88 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un adjunto MIME codificado-base64 mal formado que dispara una referencia a puntero null. • http://secunia.com/advisories/23327 •
CVSS: 9.1EPSS: 59%CPEs: 48EXPL: 1CVE-2006-4182 – Clam AntiVirus 0.88.4 - 'rebuildpe' Remote Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-4182
16 Oct 2006 — Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. Desbordamiento de entero en ClamAV 0.88.1 y 0.88.4, y otras versiones anteriores a 0.88.5, permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) y ejecut... • https://www.exploit-db.com/exploits/2587 •
CVSS: 5.5EPSS: 18%CPEs: 48EXPL: 1CVE-2006-5295 – Clam AntiVirus 0.88.4 - CHM Chunk Name Length Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-5295
16 Oct 2006 — Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." Vulnerabilidad no especificada en ClamAV anterior a 0.88.5 permite a atacantes remotos provocar una denegación de servicio (caída del servicio de escaneo) mediante un archivo de Ayuda HTML comprimida (CHM) creado artesanalmente que hace que ClamAV lea una posición de memoria invál... • https://www.exploit-db.com/exploits/2586 •
CVSS: 9.1EPSS: 61%CPEs: 19EXPL: 3CVE-2006-4018 – Clam Anti-Virus ClamAV 0.88.x - UPX Compressed PE File Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4018
08 Aug 2006 — Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. Desbordamiento de búfer basado en montón en la función pefromupx en libclamav/upx.c en Clam AntiVirus (ClamAV) 0.81 hasta 0.88.3 permite a atacantes remotos ejecutar código de su elección mediante un archivo empaquetado UPX manipulado que contiene secciones con valore... • https://www.exploit-db.com/exploits/28348 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 41%CPEs: 30EXPL: 1CVE-2006-1614
https://notcve.org/view.php?id=CVE-2006-1614
06 Apr 2006 — Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 10.0EPSS: 26%CPEs: 59EXPL: 0CVE-2006-1615
https://notcve.org/view.php?id=CVE-2006-1615
06 Apr 2006 — Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.5EPSS: 11%CPEs: 30EXPL: 0CVE-2006-1630
https://notcve.org/view.php?id=CVE-2006-1630
06 Apr 2006 — The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access." • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 7.8EPSS: 61%CPEs: 30EXPL: 0CVE-2006-0162 – Clam AntiVirus UPX Unpacking Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-0162
10 Jan 2006 — Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Clam AntiVirus installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within libclamav/upx.c during the unpacking of executable files compressed with UPX. Due to an invalid siz... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2005-3587
https://notcve.org/view.php?id=CVE-2005-3587
16 Nov 2005 — Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. • http://sourceforge.net/project/shownotes.php?release_id=368319 •
CVSS: 7.8EPSS: 14%CPEs: 11EXPL: 0CVE-2005-3303
https://notcve.org/view.php?id=CVE-2005-3303
05 Nov 2005 — The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. • http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html •