SUSE CVE-2008-1100

Buffer overflow in the cliscanpe function in libclamav libclamav/pe.c for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file...

SUSE CVE-2009-1371

The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...

SUSE CVE-2014-9328

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."...

upack-trade.by Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1098175 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting upack-trade.by website and...

CVE-2009-1371

The CLIISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service application crash via a malformed file with UPack encoding...

Fedora 20 : clamav-0.98.7-1.fc20 (2015-7378)

ClamAV 0.98.7 ============= This release contains new scanning features and bug fixes. - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted...

Mandriva Linux Security Advisory : clamav (MDVSA-2015:166)

Updated clamav packages fix security vulnerabilities : ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs : Certain JavaScript files causes ClamAV to segfault when scanned with the -a list archived files CVE-2013-6497. A heap buffer overflow was reported in...

Medium: clamav

Issue Overview: ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." Affected Packages: clamav Issue Correction: Run yum update clamav or yum update --advisory ALAS-2015-486 to update your system. New...

Mandriva Linux Security Advisory : clamav (MDVSA-2015:042)

Updated clamav packages fix security vulnerabilities : ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs : Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a...

MGASA-2015-0056 Updated clamav packages fix security vulnerabilities

ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs: Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted mew packer file...

ClamAV Denial of Service Vulnerability

ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A security vulnerability exists in versions of ClamAV prior to 0.98.6. The vulnerability can be exploited by a remo...

DEBIAN-CVE-2014-9328

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."...

CVE-2014-9328

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."...

Heap overflow

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."...

USN-2488-1 clamav vulnerability

Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code...

Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)

ClamAV 0.98.6 ============= ClamAV 0.98.6 is a bug fix release correcting the following : - library shared object revisions. - installation issues on some Mac OS X and FreeBSD platforms. - includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd. - Fix a hea...

UBUNTU-CVE-2014-9328

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."...

GLSA-200909-04 : Clam AntiVirus: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200909-04 Clam AntiVirus: Multiple vulnerabilities Multiple vulnerabilities have been found in ClamAV: The vendor reported a Divide-by-zero error in the PE 'Portable Executable'; Windows .exe file handling of ClamAV CVE-2008-6680...

openSUSE Security Update : clamav (clamav-809)

This clamav version upgrade to 0.95.1 fixes a buffer overflow error in the cliurlcanon function CVE-2009-1372 and a denial of service condition occuring while parsing malformed UPack archives CVE-2009-1371. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞

BUGTRAQ ID: 34446 CVECAN ID: CVE-2009-1371,CVE-2009-1372 Clam AntiVirus是Unix的GPL杀毒工具包，很多邮件网关产品都在使用。 ClamAV的libclamav/phishcheck.c文件中的cliurlcanon函数存在栈溢出漏洞，远程攻击者可以通过提交恶意的URL来触发这个溢出，导致执行任意代码。 如果用户使用ClamAV扫描到了UPack编码的畸形文件的话，libclamav/others.h文件的CLIISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。 ClamAV 0.95.1 ClamAV...