SUSE CVE-2007-3025

Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service hang via unknown vectors related to the isURL function and regular expressions...

SUSE CVE-2009-1372

Stack-based buffer overflow in the cliurlcanon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted URL...

ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞

BUGTRAQ ID: 34446 CVECAN ID: CVE-2009-1371,CVE-2009-1372 Clam AntiVirus是Unix的GPL杀毒工具包，很多邮件网关产品都在使用。 ClamAV的libclamav/phishcheck.c文件中的cliurlcanon函数存在栈溢出漏洞，远程攻击者可以通过提交恶意的URL来触发这个溢出，导致执行任意代码。 如果用户使用ClamAV扫描到了UPack编码的畸形文件的话，libclamav/others.h文件的CLIISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。 ClamAV 0.95.1 ClamAV...

DEBIAN-CVE-2009-1372

Stack-based buffer overflow in the cliurlcanon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted URL...