Clamav
by ClamAV
Source repositories
CVEs (147)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-1795 | 0.00 | — | 0.04 | May 27, 2005 | The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being… | |||
| CVE-2005-1711 | 0.00 | — | 0.01 | May 24, 2005 | Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. | |||
| CVE-2005-0133 | 0.00 | — | 0.03 | May 2, 2005 | ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. | |||
| CVE-2005-0218 | 0.00 | — | 0.02 | May 2, 2005 | ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. | |||
| CVE-2004-1909 | 0.00 | — | 0.01 | Dec 31, 2004 | Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. | |||
| CVE-2004-1876 | 0.00 | — | 0.01 | Mar 30, 2004 | The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name. | |||
| CVE-2003-0946 | 0.00 | — | 0.03 | Dec 15, 2003 | Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL… |
- CVE-2005-1795May 27, 2005risk 0.00cvss —epss 0.04
The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being…
- CVE-2005-1711May 24, 2005risk 0.00cvss —epss 0.01
Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
- CVE-2005-0133May 2, 2005risk 0.00cvss —epss 0.03
ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.
- CVE-2005-0218May 2, 2005risk 0.00cvss —epss 0.02
ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
- CVE-2004-1909Dec 31, 2004risk 0.00cvss —epss 0.01
Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.
- CVE-2004-1876Mar 30, 2004risk 0.00cvss —epss 0.01
The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
- CVE-2003-0946Dec 15, 2003risk 0.00cvss —epss 0.03
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL…
Page 8 of 8