3 matches found
Debian DSA-737-1 : clamav - remote denial of service
A number of potential remote denial of service vulnerabilities have been identified in ClamAV. In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvd.c and libclamav/message.c. Together, these issues could allow a carefully crafted message to crash ...
CVE-2005-1923
The ENSUREBITS macro in mszipd.c for Clam AntiVirus ClamAV 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service CPU consumption by infinite loop via a cabinet CAB file with the cffileFolderOffset field set to 0xff, which causes a zero-length read...
CVE-2005-1923
CVE-2005-1923 affects ClamAV up to 0.85/0.83 (affected: ClamAV 0.83 and other versions before 0.86). The vulnerability is in the ENSURE_BITS macro used in mszipd.c, where a CAB file with cffile_FolderOffset = 0xff can cause a zero-length read, leading to an infinite loop and high CPU usage (remot...