Clamav

Clamav

96 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2011-2721

  • EPSS 3.07%
  • Veröffentlicht 05.08.2011 21:55:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculation...

6.8

CVE-2011-1003

  • EPSS 8.36%
  • Veröffentlicht 23.02.2011 19:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office d...

7.5

CVE-2010-4479

  • EPSS 5.47%
  • Veröffentlicht 07.12.2010 13:53:30
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability ...

7.5

CVE-2010-4261

  • EPSS 8.53%
  • Veröffentlicht 07.12.2010 13:53:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NO...

5

CVE-2010-4260

  • EPSS 6.32%
  • Veröffentlicht 07.12.2010 13:53:29
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #...

9.3

CVE-2010-3434

  • EPSS 9.96%
  • Veröffentlicht 30.09.2010 15:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of th...

4.3

CVE-2010-1640

  • EPSS 2.01%
  • Veröffentlicht 26.05.2010 18:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling.

4.3

CVE-2010-1639

  • EPSS 3.33%
  • Veröffentlicht 26.05.2010 18:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.

5

CVE-2010-1311

  • EPSS 5.06%
  • Veröffentlicht 08.04.2010 17:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE:...

10

CVE-2010-0098

  • EPSS 3.39%
  • Veröffentlicht 08.04.2010 17:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.