VYPR

Clamav

by ClamAV

Source repositories

CVEs (147)

  • CVE-2005-1795May 27, 2005
    risk 0.00cvss epss 0.04

    The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being…

  • CVE-2005-1711May 24, 2005
    risk 0.00cvss epss 0.01

    Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.

  • CVE-2005-0133May 2, 2005
    risk 0.00cvss epss 0.03

    ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.

  • CVE-2005-0218May 2, 2005
    risk 0.00cvss epss 0.02

    ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.

  • CVE-2004-1909Dec 31, 2004
    risk 0.00cvss epss 0.01

    Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.

  • CVE-2004-1876Mar 30, 2004
    risk 0.00cvss epss 0.01

    The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.

  • CVE-2003-0946Dec 15, 2003
    risk 0.00cvss epss 0.03

    Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL…

Page 8 of 8