Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Clam Anti-virus Subscribe
Filtered by product Clamav
Total 62 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0946 1 Clam Anti-virus 1 Clamav 2016-10-17 7.5 HIGH N/A
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.
CVE-2005-1795 1 Clam Anti-virus 1 Clamav 2016-05-25 7.5 HIGH N/A
The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.
CVE-2007-3023 1 Clam Anti-virus 1 Clamav 2012-10-30 10.0 HIGH N/A
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
CVE-2008-1389 1 Clam Anti-virus 1 Clamav 2011-03-07 5.0 MEDIUM N/A
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
CVE-2007-6337 2 Clam Anti-virus, Gentoo 2 Clamav, Linux 2011-03-07 10.0 HIGH N/A
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
CVE-2006-6481 1 Clam Anti-virus 1 Clamav 2011-03-07 5.0 MEDIUM N/A
Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406.
CVE-2005-3500 1 Clam Anti-virus 1 Clamav 2011-03-07 5.0 MEDIUM N/A
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.
CVE-2005-3303 1 Clam Anti-virus 1 Clamav 2011-03-07 7.5 HIGH N/A
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
CVE-2008-0318 1 Clam Anti-virus 1 Clamav 2011-03-06 10.0 HIGH N/A
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
CVE-2006-5874 1 Clam Anti-virus 1 Clamav 2010-09-14 5.0 MEDIUM N/A
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
CVE-2005-3587 1 Clam Anti-virus 1 Clamav 2010-04-01 10.0 HIGH N/A
Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
CVE-2005-3239 1 Clam Anti-virus 1 Clamav 2010-04-01 7.8 HIGH N/A
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.
CVE-2005-2056 1 Clam Anti-virus 1 Clamav 2008-11-14 2.6 LOW N/A
The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive.
CVE-2005-1800 1 Clam Anti-virus 1 Clamav 2008-09-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
CVE-2005-0133 1 Clam Anti-virus 1 Clamav 2008-09-10 5.0 MEDIUM N/A
ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.
CVE-2005-0218 1 Clam Anti-virus 1 Clamav 2008-09-10 5.0 MEDIUM N/A
ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
CVE-2007-6029 1 Clam Anti-virus 1 Clamav 2008-09-05 7.5 HIGH N/A
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2007-3025 2 Clam Anti-virus, Sun 2 Clamav, Solaris 2008-09-05 5.0 MEDIUM N/A
Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions.
CVE-2007-3024 1 Clam Anti-virus 1 Clamav 2008-09-05 2.1 LOW N/A
libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
CVE-2005-1923 1 Clam Anti-virus 1 Clamav 2008-09-05 2.6 LOW N/A
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.