Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clam anti-virus clamav vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2427
freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and previous versions does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of...
Clam Anti-virus Clamxav 1.0.3h
Clam Anti-virus Clamav 0.88
NA
CVE-2005-3239
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote malicious users to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.
Clam Anti-virus Clamav .
NA
CVE-2007-6335
Integer overflow in libclamav in ClamAV prior to 0.92 allows remote malicious users to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav
1 EDB exploit
NA
CVE-2007-6336
Off-by-one error in ClamAV prior to 0.92 allows remote malicious users to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
Clam Anti-virus Clamav
NA
CVE-2007-4560
clamav-milter in ClamAV prior to 0.91.2, when run in black hole mode, allows remote malicious users to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
Clam Anti-virus Clamav
3 EDB exploits
2 Github repositories
NA
CVE-2005-1795
The filecopy function in misc.c in Clam AntiVirus (ClamAV) prior to 0.85, on Mac OS, allows remote malicious users to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from bei...
Clam Anti-virus Clamav
NA
CVE-2008-0318
Integer overflow in the cli_scanpe function in libclamav in ClamAV prior to 0.92.1, as used in clamd, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav
NA
CVE-2004-0270
libclamav in Clam AntiVirus 0.65 allows remote malicious users to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Clam Anti-virus Clamav 0.65
1 EDB exploit
NA
CVE-2008-1833
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote malicious users to execute arbitrary code via a crafted WWPack compressed PE binary.
Clam Anti-virus Clamav 0.92.1
NA
CVE-2007-6595
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.
Clam Anti-virus Clamav 0.92
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »