Clamav Security Vulnerabilities and Issues — Clamav CVE List

Lucene search

Clam Anti-virusClamav

5 matches found

CVE•added 2007/06/07 10:30 p.m.•251 views

CVE-2007-3024

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.

2.1CVSS5.8AI score0.00056EPSS

CVE•added 2005/06/29 4:0 a.m.•59 views

CVE-2005-2056

The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive.

2.6CVSS8.8AI score0.01101EPSS

CVE•added 2005/07/05 4:0 a.m.•56 views

CVE-2005-1923

The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.

2.6CVSS8.9AI score0.00655EPSS

CVE•added 2007/12/31 7:46 p.m.•56 views

CVE-2007-6595

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.

2.1CVSS5.9AI score0.00047EPSS

CVE•added 2005/05/10 4:0 a.m.•46 views

CVE-2004-1909

Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.

2.6CVSS6.5AI score0.00911EPSS