Clamav

clamav

CVEs (60)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-0162 1Clam Anti Virus 1Clamav Apr 16, 2026 Jan 10, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
CVE-2005-3587 1Clam Anti Virus 1Clamav Apr 16, 2026 Nov 16, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
CVE-2005-3500 1Clam Anti Virus 1Clamav Apr 16, 2026 Nov 5, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes Cl...Show more The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.Show less
CVE-2005-3303 1Clam Anti Virus 1Clamav Apr 16, 2026 Nov 5, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
CVE-2005-3239 1Clam Anti Virus 1Clamav Apr 16, 2026 Oct 14, 2005 N/A· v4 N/A· v3 7.8 HIGH· v2 The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in...Show more The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.Show less
CVE-2005-2920 1Clam Anti Virus 1Clamav Apr 16, 2026 Sep 20, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.
CVE-2005-2919 1Clam Anti Virus 1Clamav Apr 16, 2026 Sep 20, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable.
CVE-2005-2450 1Clam Anti Virus 1Clamav Apr 16, 2026 Aug 3, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.
CVE-2005-1923 1Clam Anti Virus 1Clamav Apr 16, 2026 Jul 5, 2005 N/A· v4 N/A· v3 2.6 LOW· v2 The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with th...Show more The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.Show less
CVE-2005-1922 1Clam Anti Virus 1Clamav Apr 16, 2026 Jul 5, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_m...Show more The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.Show less
CVE-2005-2056 1Clam Anti Virus 1Clamav Apr 16, 2026 Jun 29, 2005 N/A· v4 N/A· v3 2.6 LOW· v2 The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive.
CVE-2005-1800 1Clam Anti Virus 1Clamav Apr 16, 2026 May 28, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
CVE-2005-1795 1Clam Anti Virus 1Clamav Apr 16, 2026 May 27, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly ha...Show more The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.Show less
CVE-2005-1711 3Clam Anti Virus GibraltarSquid 3Clamav Gibraltar FirewallSquid Apr 16, 2026 May 24, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
CVE-2005-0218 1Clam Anti Virus 1Clamav Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
CVE-2005-0133 1Clam Anti Virus 1Clamav Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.
CVE-2004-1909 1Clam Anti Virus 1Clamav Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 2.6 LOW· v2 Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.
CVE-2004-0270 1Clam Anti Virus 1Clamav Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clam...Show more libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.Show less
CVE-2004-1876 1Clam Anti Virus 1Clamav Apr 16, 2026 Mar 30, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
CVE-2003-0946 1Clam Anti Virus 1Clamav Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format stri...Show more Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.Show less

Previous 1 23