IDCVSSSummaryLast (major) updatePublished
CVE-2007-0897 4.3
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record l
29-07-2017 - 01:30 16-02-2007 - 19:28
CVE-2005-1795 7.5
The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions pre
25-05-2016 - 18:34 27-05-2005 - 04:00
CVE-2007-1745 7.1
The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE
29-07-2017 - 01:30 16-04-2007 - 21:19
CVE-2008-0318 10.0
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-ba
07-03-2011 - 05:00 12-02-2008 - 20:00
CVE-2007-0898 6.4
Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. This vulnerability is addressed in the fo
29-07-2017 - 01:30 16-02-2007 - 19:28
CVE-2008-1389 5.0
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
08-03-2011 - 03:07 04-09-2008 - 16:41
CVE-2006-4182 7.5
Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-
20-07-2017 - 01:32 16-10-2006 - 23:07
CVE-2006-5295 5.0
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location." This vulnerability
20-07-2017 - 01:33 16-10-2006 - 23:07
CVE-2008-1835 5.0
ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.
08-08-2017 - 01:30 16-04-2008 - 16:05
CVE-2008-1837 5.0
libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.
08-08-2017 - 01:30 16-04-2008 - 16:05
CVE-2007-4560 7.6
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
15-10-2018 - 21:36 28-08-2007 - 01:17
CVE-2007-4510 4.3
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function
29-07-2017 - 01:32 23-08-2007 - 19:17
CVE-2008-5050 9.3
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, whic
11-10-2018 - 20:53 13-11-2008 - 02:30
CVE-2007-6335 7.5
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
29-09-2017 - 01:29 20-12-2007 - 01:46
CVE-2006-5874 5.0
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
15-09-2010 - 05:30 10-12-2006 - 02:28
CVE-2008-5314 4.3
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_ph
29-09-2017 - 01:32 03-12-2008 - 17:30
CVE-2007-6336 6.8
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
08-08-2017 - 01:29 20-12-2007 - 01:46
Back to Top Mark selected
Back to Top