Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clam anti-virus clamav 0.84 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1997
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) prior to 0.90.2 allow remote malicious users to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed compar...
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
2.6
CVSSv2
CVE-2005-1923
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote malicious users to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes ...
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.84 Rc1
Clam Anti-virus Clamav 0.85
5
CVSSv2
CVE-2007-3122
The parsing engine in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
5
CVSSv2
CVE-2007-3123
unrar.c in libclamav in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
2.1
CVSSv2
CVE-2007-3024
libclamav/others.c in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc2
10
CVSSv2
CVE-2007-3023
unsp.c in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90 Rc2
2.6
CVSSv2
CVE-2005-2056
The Quantum archive decompressor in Clam AntiVirus (ClamAV) prior to 0.86.1 allows remote malicious users to cause a denial of service (application crash) via a crafted Quantum archive.
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.86
Clam Anti-virus Clamav 0.85
7.5
CVSSv2
CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and previous versions allow remote malicious users to gain privileges via a crafted e-mail message.
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.86
Clam Anti-virus Clamav 0.85
5.1
CVSSv2
CVE-2006-1989
Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.
Clam Anti-virus Clamav 0.88.1
Clam Anti-virus Clamav 0.88
7.8
CVSSv2
CVE-2005-3239
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote malicious users to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.
Clam Anti-virus Clamav .
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »