11 matches found
DEBIAN-CVE-2023-20052
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...
Cisco ESA/WSA AMP ClamAV Denial of Service Vulnerability
The Cisco Email Security Appliance is an email security protection solution. A security vulnerability exists in Cisco ESA and WSA AMP ClamAV, stemming from the libclamav library failing to properly parse input files. An attacker can send a constructed document that triggers a scan of the AMP Clam...
UPX Compressed PE Executable Files (CVE-2005-2920)
ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the UPX Ultimate Packer for eXecutables fi...
CVE-2005-4438
Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field...
Panda Remote Heap Overflow
Date November 29, 2005 Vulnerability The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...
[Full-disclosure] ClamAV Multiple Rem0te Buffer Overflows
Date July 25, 2005 Vulnerability ClamAV is the most widely used GPL antivirus library today. It provides file format support for virus analysis. During analysis ClamAV Antivirus Library is vulnerable to buffer overflows allowing attackers complete control of the system. These vulnerabilities can ...
[Full-disclosure] Computer Associates Vet Antivirus Library Remote Heap Overflow
Date May 23, 2005 Vulnerability Computer Associates Vet library provides antivirus scan engine capabilities. Vet scan engines allow products to analyze various streams for malware. Vet is vulnerable to an integer wrap during the analysis of an OLE stream. The integer wrap causes an arbitrary heap...
CVE-2005-0533
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure...
ISS Protection Brief: Trend Micro AntiVirus Library Heap Overflow
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Brief February 24, 2005 Trend Micro AntiVirus Library Heap Overflow Summary: ISS has shipped protection for a flaw X-Force has discovered in Trend Micro AntiVirus Library. The Trend Micro AntiVirus Library is widely relied up...
Symantec products vulnerable to buffer overflow via a specially crafted UPX file
Overview The Symantec AntiVirus Library DEC2EXE component is vulnerable to remote arbitrary code execution. Description The Symantec AntiVirus Library is used in many Symantec and third-party virus scanning products, including Symantec Norton Antivirus and Symantec BrightMail AntiSpam.The AntiVir...
CVE-2005-0249
Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...