Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amavis amavis vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-41352
An issue exists in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over...
Zimbra Collaboration 9.0.0
Zimbra Collaboration 8.8.15
1 Metasploit module
4 Github repositories
1 Article
NA
CVE-2024-28054
Amavis prior to 2.12.3 and 2.13.x prior to 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict (relative to some mail user agents) when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for b...
NA
CVE-2009-1391
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module prior to 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent malicious users to cause a denial of service (hang or crash) via a crafted zlib compressed...
Paul Marquess Compress-raw-zlib Perl Module 2.008
Paul Marquess Compress-raw-zlib Perl Module 2.006
Paul Marquess Compress-raw-zlib Perl Module 2.001
Paul Marquess Compress-raw-zlib Perl Module
Paul Marquess Compress-raw-zlib Perl Module 2.005
Paul Marquess Compress-raw-zlib Perl Module 2.004
Paul Marquess Compress-raw-zlib Perl Module 2.014
Paul Marquess Compress-raw-zlib Perl Module 2.012
Paul Marquess Compress-raw-zlib Perl Module 2.011
Paul Marquess Compress-raw-zlib Perl Module 2.003
Paul Marquess Compress-raw-zlib Perl Module 2.002
Paul Marquess Compress-raw-zlib Perl Module 2.010
Paul Marquess Compress-raw-zlib Perl Module 2.009
1 EDB exploit
NA
CVE-2007-1673
unzoo.c, as used in multiple products including AMaViS 2.4.1 and previous versions, allows remote malicious users to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Panda Panda Antivirus 2007
Barracuda Networks Barracuda Spam Firewall Model 200
Barracuda Networks Barracuda Spam Firewall Model 300
Barracuda Networks Barracuda Spam Firewall Model 400
Avira Antivir
Avira Antivir Personal
Avast Avast Antivirus 4.6.394
Avast Avast Antivirus 4.7.652
Avast Avast Antivirus Home 4.6.691
Avast Avast Antivirus Home 4.7.1043
Avast Avast Antivirus Home 4.7.844
Avast Avast Antivirus Home 4.7.869
Avast Avast Antivirus Professional 4.6.691
Avast Avast Antivirus Professional 4.7.1043
Picozip Picozip
Panda Panda Antivirus And Firewall 2007
Unzoo Unzoo 4.4
Barracuda Networks Barracuda Spam Firewall Model 500
Barracuda Networks Barracuda Spam Firewall Model 600
Avast Avast Antivirus 4.7.700
Avast Avast Antivirus
Avast Avast Antivirus Home 4.7.1098
NA
CVE-2007-1669
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef prior to 2.0.6399, (2) Spam Firewall prior to 3.4 20070319 with virusdef prior to 2.0.6399o, and (3) AMaViS 2.4.1 and previous versions, allows remote malic...
Amavis Amavis
1 EDB exploit
NA
CVE-2007-2026
The gnu regular expression code in file 4.20 allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, ...
Amavis Virus Scanner
Gentoo File 4.20
NA
CVE-2002-1109
securetar, as used in AMaViS shell script 0.2.1 and previous versions, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.
Amavis Virus Scanner
NA
CVE-1999-1512
The AMaViS virus scanner 0.2.0-pre4 and previous versions allows remote malicious users to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
Amavis Virus Scanner
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started