SuSE 10 Security Update : clamav (ZYPP Patch Number 2390)

This update to ClamAV version 0.88.7 fixes various bugs : - Clam AntiVirus ClamAV allows remote attackers to cause a denial of service crash via a malformed base64-encoded MIME attachment that triggers a NULL pointer dereference. CVE-2006-5874 - Clam AntiVirus ClamAV 0.88.6 allowed remote attacke...

GLSA-200612-18 : ClamAV: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200612-18 ClamAV: Denial of Service Hendrik Weimer discovered that ClamAV fails to properly handle deeply nested MIME multipart/mixed content. Impact : By sending a specially crafted email with deeply nested MIME multipart/mixed...

CVE-2006-6481

CVE-2006-6481 affects ClamAV 0.88.6. The vulnerability allows a remote attacker to cause a denial of service through crafted multipart/mixed content that leads to a stack overflow and application crash. This is described as a different vulnerability from CVE-2006-5874 and CVE-2006-6406. The provi...

CVE-2006-6481

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to cause a denial of service stack overflow and application crash by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406...

Multiple Vendor Unusual MIME Encoding Content Filter Bypass

Several e-mail virus scanners can be tricked into passing an EICAR test file if the following conditions are met: 1. the EICAR file is encoded in Base64 including characters not in the standard alphabet e.g. whitespaces and 2. the part containing the EICAR file is nested within one or several...