CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2007-3025
https://notcve.org/view.php?id=CVE-2007-3025
07 Jun 2007 — Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions. Vulnerabilidad no especificada en el libclamav/phishcheck.c del ClamAV en versiones anteriores a 0.90.3 y en la 0.91 en versiones anteriores a 0.91rc1, cuando corre bajo Solaris, permite a atacantes remotos provocar una denegación del servicio (cuelgu... • http://kolab.org/security/kolab-vendor-notice-15.txt •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2007-3023
https://notcve.org/view.php?id=CVE-2007-3023
07 Jun 2007 — unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors. unsp.c en el ClamAV en versiones anteriores a la 0.90.3 y la 0.91 anterior a la 0.91rc1 no calcula adecuadamente el final de ciertos búfer, lo que tiene un impacto desconocido y vectores de ataque remotos. • http://kolab.org/security/kolab-vendor-notice-15.txt •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2007-3122
https://notcve.org/view.php?id=CVE-2007-3122
07 Jun 2007 — The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR. El motor de análisis sintáctico del ClamAV anterior al 0.90.3 y el 0.91 anterior al 0.91rc1, permite a atacantes remotos evitar el escaneo mediante un fichero RAR con una bandera de la cabecera con valor 10, lo que puede ser procesado por el WinRAR. • http://kolab.org/security/kolab-vendor-notice-15.txt •
CVSS: 5.5EPSS: 2%CPEs: 6EXPL: 0CVE-2007-3123
https://notcve.org/view.php?id=CVE-2007-3123
07 Jun 2007 — unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow. El unrar.c en libclamav del ClamAV en versiones anteriores a 0.90.3 y la 0.91 en versiones anteriores a 0.91rc1 permite a atacantes remotos provocar una denegación del servicio (volado de memoria tras un error en ejecución) a través de un fichero RAR manipulado con un valor ... • http://kolab.org/security/kolab-vendor-notice-15.txt •
CVSS: 5.5EPSS: 3%CPEs: 3EXPL: 0CVE-2007-2650
https://notcve.org/view.php?id=CVE-2007-2650
14 May 2007 — The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file. El analazidor sintáctico OLE2 en Clam AntiVirus (ClamAV) permite a atacantes remotos provocar denegación de servicio (consumo de recursos) a través de un archivo OLE2 con (1)un tamaño grande de la propiedad o (2) un bucle en la cad... • http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 10%CPEs: 6EXPL: 0CVE-2007-1997
https://notcve.org/view.php?id=CVE-2007-1997
16 Apr 2007 — Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow. Error de presencia de signo en entero en las funciones (1) cab_unstore y (2) cab_extract en libclamav/cab.c de Clam AntiVirus (ClamAV) anterior a 0.90.2 permite a atacantes remotos ejecutar c... • http://docs.info.apple.com/article.html?artnum=307562 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3229
https://notcve.org/view.php?id=CVE-2005-3229
14 Oct 2005 — Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-1711
https://notcve.org/view.php?id=CVE-2005-1711
24 May 2005 — Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. • http://securitytracker.com/id?1014030 •