Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:darold:squidclamav:6.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-3501 |
The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cause a denial of service (daemon crash) via a URL with certain characters, as demonstrated using %0D or %0A. Published: August 25, 2012; 6:29:52 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |