Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.
7.4AI Score
0.019EPSS
The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third pa...
7.4AI Score
0.219EPSS
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-b...
9.5AI Score
0.203EPSS
File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file.
6AI Score
0.123EPSS
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
6.2AI Score
0.027EPSS
libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
5.8AI Score
0.0004EPSS
Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions.
6.5AI Score
0.014EPSS
The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.
6.2AI Score
0.55EPSS
unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
6.3AI Score
0.262EPSS
The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.
8.8AI Score
0.144EPSS
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML documen...
8.9AI Score
0.145EPSS
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
9.7AI Score
0.961EPSS
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable a...
7.4AI Score
0.037EPSS
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
9.7AI Score
0.266EPSS
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
9.4AI Score
0.246EPSS
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
9.3AI Score
0.022EPSS
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
5.9AI Score
0.0004EPSS
ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.
6.3AI Score
0.038EPSS