National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:clamav:clamav:0.60p
There are 50 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2015-2668

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.

Published: May 12, 2015; 03:59:15 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-2222

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.

Published: May 12, 2015; 03:59:13 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-2221

ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.

Published: May 12, 2015; 03:59:12 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-2170

The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

Published: May 12, 2015; 03:59:09 PM -04:00
    V2: 5.0 MEDIUM
CVE-2015-1463

ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."

Published: February 03, 2015; 11:59:34 AM -05:00
    V2: 5.0 MEDIUM
CVE-2015-1462

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."

Published: February 03, 2015; 11:59:34 AM -05:00
    V2: 7.5 HIGH
CVE-2015-1461

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."

Published: February 03, 2015; 11:59:33 AM -05:00
    V2: 7.5 HIGH
CVE-2014-9328

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."

Published: February 03, 2015; 11:59:02 AM -05:00
    V2: 7.5 HIGH
CVE-2014-9050

Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.

Published: December 01, 2014; 10:59:10 AM -05:00
    V2: 5.0 MEDIUM
CVE-2013-6497

clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.

Published: December 01, 2014; 10:59:00 AM -05:00
    V2: 2.1 LOW
CVE-2013-2020

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read.

Published: May 13, 2013; 07:55:02 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-3627

The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.

Published: November 17, 2011; 02:55:01 PM -05:00
    V2: 4.3 MEDIUM
CVE-2011-2721

Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.

Published: August 05, 2011; 05:55:08 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-1003

Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office document. NOTE: some of these details are obtained from third party information.

Published: February 23, 2011; 02:00:02 PM -05:00
    V2: 6.8 MEDIUM
CVE-2010-4479

Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.

Published: December 07, 2010; 08:53:30 AM -05:00
    V2: 7.5 HIGH
CVE-2010-4261

Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

Published: December 07, 2010; 08:53:29 AM -05:00
    V2: 7.5 HIGH
CVE-2010-4260

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."

Published: December 07, 2010; 08:53:29 AM -05:00
    V2: 5.0 MEDIUM
CVE-2010-3434

Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.

Published: September 30, 2010; 11:00:04 AM -04:00
    V2: 9.3 HIGH
CVE-2010-1639

The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.

Published: May 26, 2010; 02:30:01 PM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1311

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 01:30:00 PM -04:00
    V2: 5.0 MEDIUM