Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*
  • CPE Name Search: true
There are 60 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2010-4479

Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.

Published: December 07, 2010; 8:53:30 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-4261

Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

Published: December 07, 2010; 8:53:29 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-4260

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396."

Published: December 07, 2010; 8:53:29 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-3434

Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.

Published: September 30, 2010; 11:00:04 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1639

The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.

Published: May 26, 2010; 2:30:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1311

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

Published: April 08, 2010; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-0098

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

Published: April 08, 2010; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2008-6845

The unpack feature in ClamAV 0.93.3 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a corrupted LZH file.

Published: July 02, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1372

Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.

Published: April 23, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2009-1371

The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding.

Published: April 23, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1270

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.

Published: April 08, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2008-6680

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

Published: April 08, 2009; 12:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1241

Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.

Published: April 03, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-3914

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.

Published: September 10, 2008; 9:13:41 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2008-3913

Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".

Published: September 10, 2008; 9:13:41 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-3912

libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.

Published: September 10, 2008; 9:13:41 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-0728

The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."

Published: February 12, 2008; 3:00:00 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2007-2650

The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.

Published: May 14, 2007; 5:19:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2006-1615

Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.

Published: April 06, 2006; 6:04:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2005-3501

The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.

Published: November 05, 2005; 6:02:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM