Clam Anti-Virus: >> Clamav >> 0.53 Security Vulnerabilities
The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access."
CVSS Score
5.0
EPSS Score
0.17
Published
2006-04-06
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
CVSS Score
7.5
EPSS Score
0.28
Published
2006-01-10
Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
CVSS Score
10.0
EPSS Score
0.004
Published
2005-11-16
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.
CVSS Score
5.0
EPSS Score
0.059
Published
2005-11-05
ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.
CVSS Score
5.0
EPSS Score
0.013
Published
2005-05-02
ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
CVSS Score
5.0
EPSS Score
0.013
Published
2005-05-02
The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-03-30
Page 2