Lucene search

K

Squidclamav Security Vulnerabilities

cve
cve

CVE-2012-3501

The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cause a denial of service (daemon crash) via a URL with certain characters, as demonstrated using %0D.....

6.6AI Score

0.021EPSS

2022-10-03 04:15 PM
20
cve
cve

CVE-2012-4667

Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) virus, (3) source, or (4) user parameter to (a) clwarn.cgi, (b) clwarn.cgi.de_DE, (c) clwarn.cgi.en_EN, (d) clwarn.cgi.fr_FR, (e)...

5.7AI Score

0.003EPSS

2012-08-25 10:29 AM
19