11 matches found
ABB M2M Gateway Arbitrary Code Execution in embedded ClamAV (CVE-2023-20032)
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...
QNAP QTS / QuTS hero Multiple Vulnerabilities in ClamAV (QSA-23-26)
The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-26 advisory. - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7and earlier could allow an...
ClamAV < 0.103.8 / 0.104.x < 0.105.2 / 1.0.x < 1.0.1 RCE
The version of ClamAV installed on the remote host is prior to 0.103.8, 0.104.x prior to 0.105.2 or 1.0.x prior to 1.0.1. It is, therefore, affected by a remote code execution vulnerability in the HFS+ partition file parser of the ClamAV scanning library. An unauthenticated, remote attacker could...
Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 38 / 9.0.0 < 9.0.0 Patch 31 Multiple Vulnerabilities in ClamAV
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities in the bundled ClamAV package, including: - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could...
CBL Mariner 2.0 Security Update: clamav (CVE-2023-20032)
The version of clamav installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-20032 advisory. - On February 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...
ClamAV < 0.103.8 / 0.104.x < 0.105.2 / 1.0.0 Multiple Vulnerabilities
According to its version, the ClamAV clamd antivirus daemon running on the remote host is prior to 0.103.8, 0.104.x prior to 0.105.2, or 1.0.0. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1...
Heap overflow
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...
Denial Of Service (DoS)
clamav is vulnerable to denial of service DoS. A missing buffer size check results in a heap buffer overflow write, an attacker could submit a crafted HFS+ partition file allowing them to execute arbitrary code resulting in a system crash...
CVE-2023-20032
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...
FreeBSD : clamav -- Multiple vulnerabilities (fd792048-ad91-11ed-a879-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fd792048-ad91-11ed-a879-080027f5fec9 advisory. - On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A...
ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...