171 matches found
CVE-2010-1639
The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...
Design/Logic Flaw
The clipdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service crash via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length...
ClamAV libclamav PE File Handling Integer Overflow (CVE-2008-0318)
ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the Petite packed PE file format. A buffer...
ClamAV libclamav MEW PE File Handling Integer Overflow (CVE-2007-6335)
ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the MEW file format. A buffer overflow...
openSUSE Security Update : klamav (klamav-195)
clamav has been updated due to security problems. The version number of the clamav library has been changed with that update. Therefore programs like klamav that are linked against libclamav need to be updated as well. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
MDVA-2009:094 : dansguardian
There was a bug with the dansguardian build where the path to /var/lib/dansguardian was wrongly set to /var/dansguardian. The libclamav support has been disabled because of too frequent changes in the clamav API, the preferred way to use clamav is to use clamd. This update fixes these problems...
ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞
BUGTRAQ ID: 34446 CVECAN ID: CVE-2009-1371,CVE-2009-1372 Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV的libclamav/phishcheck.c文件中的cliurlcanon函数存在栈溢出漏洞,远程攻击者可以通过提交恶意的URL来触发这个溢出,导致执行任意代码。 如果用户使用ClamAV扫描到了UPack编码的畸形文件的话,libclamav/others.h文件的CLIISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。 ClamAV 0.95.1 ClamAV...
DEBIAN-CVE-2009-1371
The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...
CVE-2009-1371
The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...
ClamAV Multiple Vulnerabilities (Windows)
This host has ClamAV installed, and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbclamavmultvulnapr09win.nasl 4865 2016-12-28 16:16:43Z teissa $ ClamAV Multiple Vulnerabilities Windows Authors: Nikita MR Copyright: Copyright c 2009 Greenbone Networks GmbH,...
Mandriva Linux Security Advisory : clamav (MDVSA-2008:122)
A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release : libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. CVE-2008-2713 Other bugs have also been corrected in 0.93...
Mandriva Linux Security Advisory : clamav (MDVSA-2008:088)
Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including : ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled CVE-2007-6595. ClamAV 0.92 did not...
Mandriva Update for clamav MDVSA-2008:189 (clamav)
Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDVSA-2008:189 clamav Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CVE-2008-6680
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error...
DEBIAN-CVE-2008-6680
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error...
Design/Logic Flaw
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service daemon crash via a crafted JPEG file, related to the clicheckjpegexploit, jpegcheckphotoshop, and jpegcheckphotoshop8bim functions...
CVE-2008-5314
CVE-2008-5314 is a stack consumption vulnerability in ClamAV prior to 0.94.2. The flaw is in libclamav/special.c where processing crafted JPEG files via functions cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim can exhaust the stack, leading to a denial of service thro...
ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)
ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow PoC / There is a recursive stack overflow in clamav 0.93.3 and 0.94 and probably older versions in the jpeg parsing code. it scan's the jpeg file, and if there is a thumbnail, it'll scan that too. the thumbnail itself is just another jpeg file...
ClamAV < 0.94.1 Off-By-One Heap based Buffer Overflow Vulnerability
ClamAV is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav";...
Heap overflow
Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...