Lucene search
K

171 matches found

UbuntuCve
UbuntuCve
added 2010/05/27 12:0 a.m.32 views

CVE-2010-1639

The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...

4.3CVSS5.9AI score0.02889EPSS
Exploits0References2
Prion
Prion
added 2010/05/26 6:30 p.m.22 views

Design/Logic Flaw

The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...

4.3CVSS6.8AI score0.02889EPSS
Exploits0References12Affected Software1
Check Point Advisories
Check Point Advisories
added 2009/10/07 12:0 a.m.5 views

ClamAV libclamav PE File Handling Integer Overflow (CVE-2008-0318)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the Petite packed PE file format. A buffer...

10CVSS7.6AI score0.07876EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/10/01 12:0 a.m.6 views

ClamAV libclamav MEW PE File Handling Integer Overflow (CVE-2007-6335)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the MEW file format. A buffer overflow...

7.5CVSS7.7AI score0.18382EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.16 views

openSUSE Security Update : klamav (klamav-195)

clamav has been updated due to security problems. The version number of the clamav library has been changed with that update. Therefore programs like klamav that are linked against libclamav need to be updated as well. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/06/10 12:0 a.m.14 views

MDVA-2009:094 : dansguardian

There was a bug with the dansguardian build where the path to /var/lib/dansguardian was wrongly set to /var/dansguardian. The libclamav support has been disabled because of too frequent changes in the clamav API, the preferred way to use clamav is to use clamd. This update fixes these problems...

7AI score
Exploits0References1
seebug.org
seebug.org
added 2009/04/25 12:0 a.m.76 views

ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞

BUGTRAQ ID: 34446 CVECAN ID: CVE-2009-1371,CVE-2009-1372 Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV的libclamav/phishcheck.c文件中的cliurlcanon函数存在栈溢出漏洞,远程攻击者可以通过提交恶意的URL来触发这个溢出,导致执行任意代码。 如果用户使用ClamAV扫描到了UPack编码的畸形文件的话,libclamav/others.h文件的CLIISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。 ClamAV 0.95.1 ClamAV...

10CVSS0.5AI score0.0759EPSS
Exploits1
OSV
OSV
added 2009/04/23 3:30 p.m.3 views

DEBIAN-CVE-2009-1371

The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...

5CVSS6.8AI score0.03422EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2009/04/23 3:0 p.m.38 views

CVE-2009-1371

The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...

5CVSS6.1AI score0.03422EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/04/23 12:0 a.m.27 views

ClamAV Multiple Vulnerabilities (Windows)

This host has ClamAV installed, and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbclamavmultvulnapr09win.nasl 4865 2016-12-28 16:16:43Z teissa $ ClamAV Multiple Vulnerabilities Windows Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS0.6AI score0.05067EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.33 views

Mandriva Linux Security Advisory : clamav (MDVSA-2008:122)

A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release : libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. CVE-2008-2713 Other bugs have also been corrected in 0.93...

5CVSS8.2AI score0.04708EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.39 views

Mandriva Linux Security Advisory : clamav (MDVSA-2008:088)

Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including : ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled CVE-2007-6595. ClamAV 0.92 did not...

10CVSS9AI score0.10858EPSS
Exploits6References11
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.25 views

Mandriva Update for clamav MDVSA-2008:189 (clamav)

Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDVSA-2008:189 clamav Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

10CVSS0.2AI score0.03582EPSS
Exploits2References2
NVD
NVD
added 2009/04/08 4:30 p.m.16 views

CVE-2008-6680

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error...

5CVSS7.2AI score0.03718EPSS
Exploits0References12
OSV
OSV
added 2009/04/08 4:30 p.m.1 views

DEBIAN-CVE-2008-6680

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error...

5CVSS6.7AI score0.03718EPSS
Exploits0References1
Prion
Prion
added 2008/12/03 5:30 p.m.21 views

Design/Logic Flaw

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service daemon crash via a crafted JPEG file, related to the clicheckjpegexploit, jpegcheckphotoshop, and jpegcheckphotoshop8bim functions...

4.3CVSS6.4AI score0.08198EPSS
Exploits1References24Affected Software1
CVE
CVE
added 2008/12/03 5:0 p.m.70 views

CVE-2008-5314

CVE-2008-5314 is a stack consumption vulnerability in ClamAV prior to 0.94.2. The flaw is in libclamav/special.c where processing crafted JPEG files via functions cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim can exhaust the stack, leading to a denial of service thro...

4.3CVSS7.1AI score0.08198EPSS
Exploits1References24Affected Software1
exploitpack
exploitpack
added 2008/12/03 12:0 a.m.15 views

ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)

ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow PoC / There is a recursive stack overflow in clamav 0.93.3 and 0.94 and probably older versions in the jpeg parsing code. it scan's the jpeg file, and if there is a thumbnail, it'll scan that too. the thumbnail itself is just another jpeg file...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/11/26 12:0 a.m.30 views

ClamAV < 0.94.1 Off-By-One Heap based Buffer Overflow Vulnerability

ClamAV is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav";...

9.3CVSS6.1AI score0.08293EPSS
Exploits1References5
Prion
Prion
added 2008/11/13 2:30 a.m.30 views

Heap overflow

Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...

9.3CVSS7.9AI score0.08293EPSS
Exploits1References25Affected Software1
Rows per page
Query Builder