Lucene search
+L

541 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.44 views

Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-052)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-052 advisory. A vulnerability in the OOXML parsing module in Clam AntiVirus ClamAV Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause...

8.6CVSS6.6AI score0.0663EPSS
Exploits1References12
F5 Networks
F5 Networks
added 2023/02/21 7:45 p.m.25 views

K6795: ClamAV CHM Chunk Name Length DoS Vulnerability - CVE-2006-5295

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS6.3AI score0.10739EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

10CVSS7.3AI score0.02163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-2930

Stack-based buffer overflow in the chmfindinPMGL function in chmlib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318...

5.1CVSS8.4AI score0.02527EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-3318

Buffer overflow in the chmdecompressblock function in CHM lib chmlib before 0.37, as used in products such as KchmViewer, allows attackers to execute arbitrary code, a different vulnerability than CVE-2005-2930...

5.1CVSS7.9AI score0.03778EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.4 views

SUSE CVE-2006-3178

Directory traversal vulnerability in extractchmLib example program in CHM Lib chmlib before 0.38 allows remote attackers to overwrite arbitrary files via a CHM archive containing files with a .. dot dot in their filename...

5CVSS7.1AI score0.0228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service scanning service crash via a crafted Compressed HTML Help CHM file that causes ClamAV to "read an invalid memory location."...

5CVSS6.6AI score0.10739EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-1745

The chmdecompressstream function in libclamav/chmunpack.c in Clam AntiVirus ClamAV before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third part...

7.1CVSS9.2AI score0.02333EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.3 views

SUSE CVE-2007-1997

Integer signedness error in the 1 cabunstore and 2 cabextract functions in libclamav/cab.c in Clam AntiVirus ClamAV before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...

7.5CVSS9.6AI score0.05412EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.3 views

SUSE CVE-2008-1389

libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service application crash via a malformed CHM file, related to an "invalid memory access."...

5CVSS6.8AI score0.03377EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.6 views

SUSE CVE-2012-1458

The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...

4.3CVSS6.7AI score0.73738EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.2 views

SUSE CVE-2015-4467

The chmdinitdecomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted CHM file...

4.3CVSS6.7AI score0.01456EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4468

Multiple integer overflows in the searchchunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service buffer over-read and application crash via a crafted CHM file...

4.3CVSS6.8AI score0.01456EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4472

Off-by-one error in the READENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted CHM file...

6.8CVSS7.5AI score0.01586EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.4 views

SUSE CVE-2017-6419

mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted CHM file...

8.1CVSS9.8AI score0.01976EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.5 views

SUSE CVE-2018-14682

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...

4.4CVSS9.6AI score0.03806EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.5 views

SUSE CVE-2019-1010305

libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit...

2.5CVSS8.2AI score0.01464EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.3 views

SUSE CVE-2022-20770

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an...

6.5CVSS6.6AI score0.0659EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.39 views

Amazon Linux 2022 : clamav (ALAS2022-2022-229)

The version of clamav installed on the remote host is prior to 0.103.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-229 advisory. - A vulnerability in the OOXML parsing module in Clam AntiVirus ClamAV Software version 0.104.1 and LTS version 0.103.4...

8.6CVSS6.5AI score0.0663EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2022/11/29 12:0 a.m.62 views

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 35 / 9.0.0 < 9.0.0 Patch 28 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities, as follows: - A vulnerability in the ClamAV package: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and...

8.6CVSS7.7AI score0.19008EPSS
Exploits1References7
Rows per page
Query Builder