Vulmon
clamav vulnerabilities and exploits
4.3
CVSSv2
CVE-2010-1640
Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote malicious users to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.
Clamav Clamav 0.96
4.3
CVSSv2
CVE-2017-6418
libclamav/message.c in ClamAV 0.99.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
Clamav Clamav 0.99.2
4.3
CVSSv2
CVE-2017-6420
The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote malicious users to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.
Clamav Clamav 0.99.2
5
CVSSv2
CVE-2005-1922
The MS-Expand file handling in Clam AntiVirus (ClamAV) prior to 0.86 allows remote malicious users to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
Clam Anti-virus Clamav 0.85
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.81
Clam Anti-virus Clamav 0.82
Clam Anti-virus Clamav 0.84 Rc1
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
5
CVSSv2
CVE-2007-3122
The parsing engine in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
5
CVSSv2
CVE-2007-3123
unrar.c in libclamav in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 allows remote malicious users to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
2.1
CVSSv2
CVE-2007-3024
libclamav/others.c in ClamAV prior to 0.90.3 and 0.91 prior to 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc2
7.5
CVSSv2
CVE-2007-1997
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) prior to 0.90.2 allow remote malicious users to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed compar...
Clam Anti-virus Clamav 0.90 Rc2
Clam Anti-virus Clamav 0.90 Rc3
Clam Anti-virus Clamav 0.90.2
Clam Anti-virus Clamav 0.90 Rc1.1
Clam Anti-virus Clamav 0.90
Clam Anti-virus Clamav 0.90.1
4.3
CVSSv2
CVE-2005-1800
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
Clam Anti-virus Clamav 0.81
Clam Anti-virus Clamav 0.82
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
Clam Anti-virus Clamav 0.84 Rc1
1 EDB exploit
2.6
CVSSv2
CVE-2005-1923
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions before 0.86, allows remote malicious users to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes ...
Clam Anti-virus Clamav 0.83
Clam Anti-virus Clamav 0.84 Rc2
Clam Anti-virus Clamav 0.85.1
Clam Anti-virus Clamav 0.84 Rc1
Clam Anti-virus Clamav 0.85