← Back

CVE-2004-1876

nvd nist
Published: Mar 30, 2004Modified: Apr 16, 2026

JSON object

Loading...
4.6
Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 3.9 / Impact: 6.4
Source: NVD

Description

The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.

Affected (9)

Clam Anti Virus
1 product
Clamav
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Clam Anti Virus
Clamav
Version 0.51
Clamav
Version 0.52
Clamav
Version 0.53
Clamav
Version 0.54
Clamav
Version 0.60
Clamav
Version 0.65
Clamav
Version 0.67
Clamav
Version 0.68.1
Clamav
Version 0.68

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.