22 matches found
Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017366)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017366 advisory. On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in...
SUSE CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
SUSE CVE-2012-1458
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...
SUSE CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...
OESA-2022-1683 clamav security update
Clam AntiVirus clamav is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command...
CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...
AZL-9666 CVE-2022-20770 affecting package clamav for versions less than 0.105.0-1
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...
DEBIAN-CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...
ALPINE-CVE-2022-20770
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...
CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
GHSA-P699-3WGC-7H72 org.apache.tika:tika-parsers has an Infinite Loop vulnerability
Versions of the package org.apache.tika:tika-parsers before version 1.18 are vulnerable to Denial of Service DoS via a carefully crafted or fuzzed file that can trigger an infinite loop via the ChmParser...
openSUSE Security Update : clamav (openSUSE-2018-838)
This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed : - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fi...
UBUNTU-CVE-2018-1339
A carefully crafted or fuzzed file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18...
CVE-2012-1458
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...
clamav: Crash with crafted chm, CVE-2008-1389
clamav: Crash with crafted chm, CVE-2008-1389 References https://vulners.com/cve/CVE-2008-1389 http://int21.de/cve/CVE-2008-1389-clamav-chd.html http://www.int21.de/cve/cve-2008-1389-samples.tar.bz2 https://wwws.clamav.net/bugzilla/showbug.cgi?id=1089 Description A fuzzing test showed weakness in...
CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
Design/Logic Flaw
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
CVE-2008-1389
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...
CVE-2008-1389
CVE-2008-1389 affects ClamAV’s CHM parser (libclamav/chmunpack.c). A malformed CHM file can trigger an invalid memory access, leading to an application crash (denial of service) in ClamAV before version 0.94. Connected advisory data confirm that this vulnerability was addressed by the vendor with...