Page 9 of 49 results (0.010 seconds)

CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 0

ClamAV before 0.97.7 has buffer overflow in the libclamav component ClamAV versiones anteriores a la versión 0.97.7, tiene un desbordamiento de búfer en el componente libclamav. • http://security.gentoo.org/glsa/glsa-201405-08.xml http://www.openwall.com/lists/oss-security/2013/12/13/1 http://www.securityfocus.com/bid/58546 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7088 https://security-tracker.debian.org/tracker/CVE-2013-7088 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

ClamAV before 0.97.7: dbg_printhex possible information leak ClamAV versiones anteriores a la versión 0.97.7: posible fuga de información de la función dbg_printhex. • http://security.gentoo.org/glsa/glsa-201405-08.xml http://www.openwall.com/lists/oss-security/2013/12/13/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7089 https://security-tracker.debian.org/tracker/CVE-2013-7089 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 13%CPEs: 60EXPL: 0

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read. Desbordamiento de entero en la función cli_scanpe en pe.c en ClamAV anterior a v0.97.8 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un desplazamiento mayor que el tamaño de las secciones PE en un paquete ejecutable UPX, que dispara un error de salida de rango en la lectura. • http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109514.html http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109639.html http://lists.fedoraproject.org/pipermail/package-announce/2013-June/109652.html http://lists.fedoraproject.org/pipermail/package-announce&# • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 2%CPEs: 43EXPL: 0

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. El motor de código de bytes en ClamAV anterior a v0.97.3 permite a atacantes remotos causar una denegación de servicio (caída) a través de vectores relacionados con el "nivel de recursividad" y (1) libclamav / bytecode.c y (2) libclamav / bytecode_api.c. • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commitdiff%3Bh=3d664817f6ef833a17414a4ecea42004c35cc42f http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html http://secunia.com/advisories/46717 http://secunia.com/advisories/46826 http://www.openwall.com/lists/oss-security/2011/10/18/1 http://www.securityfocus.com& • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 7%CPEs: 117EXPL: 0

Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. Error "off-by-one" (desbordamiento en un elemento del array) en la función cli_hm_scan de matcher-hash.c de libclamav de ClamAV en versiones anteriores a la 0.97.2 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de un correo electrónico que no es apropiadamente manejado durante determinados cálculos de hash. • http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_plain%3Bf=ChangeLog%3Bhb=clamav-0.97.2 http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=commit%3Bh=4842733eb3f09be61caeed83778bb6679141dbc5 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068940.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068941.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068942.html http://secunia.com/advisories/45382 http://secunia.com/advisories • CWE-189: Numeric Errors •