VYPR

libclamav

by ClamAV

CVEs (8)

  • CVE-2008-5314Dec 3, 2008
    risk 0.04cvss epss 0.08

    Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

  • CVE-2007-6335Dec 20, 2007
    risk 0.04cvss epss 0.18

    Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

  • CVE-2008-0314Apr 16, 2008
    risk 0.01cvss epss 0.09

    Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.

  • CVE-2008-1833Apr 16, 2008
    risk 0.01cvss epss 0.09

    Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.

  • CVE-2008-0318Feb 12, 2008
    risk 0.01cvss epss 0.08

    Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

  • CVE-2008-3912Sep 11, 2008
    risk 0.00cvss epss 0.03

    libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.

  • CVE-2008-1836Apr 16, 2008
    risk 0.00cvss epss 0.04

    The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

  • CVE-2008-0728Feb 12, 2008
    risk 0.00cvss epss 0.03

    The unmew11 function in libclamav/mew.c in libclamav in ClamAV before 0.92.1 has unknown impact and attack vectors that trigger "heap corruption."