Clamav Security Vulnerabilities and Issues — Clamav CVE List

Lucene search

Clam Anti-virusClamav

5 matches found

CVE•added 2007/12/20 1:46 a.m.•66 views

CVE-2007-6335

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

7.5CVSS9.7AI score0.39002EPSS

CVE•added 2007/12/20 1:46 a.m.•58 views

CVE-2007-6336

Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

6.8CVSS9.4AI score0.08285EPSS

CVE•added 2007/12/31 7:46 p.m.•56 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.

2.1CVSS5.9AI score0.00047EPSS

CVE•added 2007/12/31 7:46 p.m.•50 views

CVE-2007-6596

ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.

5CVSS6.3AI score0.0031EPSS

CVE•added 2007/12/31 7:46 p.m.•48 views

CVE-2007-6337

Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.

10CVSS9.3AI score0.02522EPSS