Clamav Security Vulnerabilities and Issues — Clamav CVE List

Lucene search

Clam Anti-virusClamav

5 matches found

CVE•added 2007/06/07 9:30 p.m.•263 views

CVE-2007-3023

unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.

10CVSS6.2AI score0.01516EPSS

CVE•added 2007/06/07 10:30 p.m.•251 views

CVE-2007-3024

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.

2.1CVSS5.8AI score0.00056EPSS

CVE•added 2007/06/07 9:30 p.m.•248 views

CVE-2007-3122

The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.

5CVSS6.2AI score0.00976EPSS

CVE•added 2007/06/07 9:30 p.m.•244 views

CVE-2007-3123

unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.

5CVSS6.3AI score0.02712EPSS

CVE•added 2007/06/07 10:30 p.m.•233 views

CVE-2007-3025

Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions.

5CVSS6.5AI score0.00584EPSS