Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Clamav Security Vulnerabilities - 2006

cve
cve

CVE-2006-0162

Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

7.8AI Score

0.374EPSS

2006-01-10 07:03 PM
38
cve
cve

CVE-2006-1614

Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.3AI Score

0.12EPSS

2006-04-06 10:04 PM
38
cve
cve

CVE-2006-1630

The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access."

6.2AI Score

0.219EPSS

2006-04-06 10:04 PM
40
cve
cve

CVE-2006-1989

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

7.5AI Score

0.068EPSS

2006-05-01 07:06 PM
35
cve
cve

CVE-2006-2427

freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file.

6.4AI Score

0.001EPSS

2006-05-17 10:06 AM
22
cve
cve

CVE-2006-4182

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocat...

7.7AI Score

0.367EPSS

2006-10-16 11:07 PM
35
cve
cve

CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."

6AI Score

0.473EPSS

2006-10-16 11:07 PM
32
cve
cve

CVE-2006-5874

Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.

6.2AI Score

0.087EPSS

2006-12-10 02:28 AM
41
cve
cve

CVE-2006-6406

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

6.2AI Score

0.301EPSS

2006-12-10 02:28 AM
35
cve
cve

CVE-2006-6481

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.

9.1AI Score

0.301EPSS

2006-12-12 01:28 AM
38