7 matches found
ClamAV: Multiple Denials of Service
Background ClamAV is a GPL virus scanner. Description Several vulnerabilities were discovered in ClamAV by various researchers: Victor Stinner INL discovered that the OLE2 parser may enter in an infinite loop CVE-2007-2650. A boundary error was also reported by an anonymous researcher in the file...
Code injection
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
CVE-2007-3023
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
CVE-2007-3023
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
CVE-2007-3023
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
CVE-2007-3023
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...
CVE-2007-3023
CVE-2007-3023 is discussed in multiple connected sources as part of the ClamAV vulnerabilities list. The Debian advisory (DSA-1320-1) and related OpenVAS entries describe several issues in ClamAV, including: (1) the NsPack decompression path not sanitising an internal length variable, potentially...