Clamav Security Vulnerabilities and Issues — Clamav CVE List

Lucene search

Clam Anti-virusClamav

10 matches found

CVE•added 2006/01/10 7:3 p.m.•64 views

CVE-2006-0162

Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

7.5CVSS7.8AI score0.27999EPSS

CVE•added 2006/12/12 1:28 a.m.•60 views

CVE-2006-6481

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.

5CVSS9.1AI score0.03836EPSS

CVE•added 2006/12/10 2:28 a.m.•55 views

CVE-2006-5874

Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.

5CVSS6.2AI score0.01421EPSS

CVE•added 2006/04/06 10:4 p.m.•53 views

CVE-2006-1630

The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access."

5CVSS6.2AI score0.16987EPSS

CVE•added 2006/04/06 10:4 p.m.•51 views

CVE-2006-1614

Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

5.1CVSS7.3AI score0.28171EPSS

CVE•added 2006/05/01 7:6 p.m.•49 views

CVE-2006-1989

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

5.1CVSS7.5AI score0.04489EPSS

CVE•added 2006/12/10 2:28 a.m.•49 views

CVE-2006-6406

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

5CVSS6.2AI score0.03836EPSS

CVE•added 2006/10/16 11:7 p.m.•48 views

CVE-2006-4182

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocat...

7.5CVSS7.7AI score0.14497EPSS

CVE•added 2006/10/16 11:7 p.m.•43 views

CVE-2006-5295

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."

5CVSS6AI score0.20863EPSS

CVE•added 2006/05/17 10:6 a.m.•34 views

CVE-2006-2427

freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file.

7.2CVSS6.4AI score0.00047EPSS