Search Results (61 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5050 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.
CVE-2008-5314 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
CVE-2008-1836 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.
CVE-2007-6029 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2006-6406 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
CVE-2007-3024 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.
CVE-2007-0898 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message.
CVE-2007-6336 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
CVE-2006-5874 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
CVE-2007-6337 2 Clam Anti-virus, Gentoo 2 Clamav, Linux 2026-04-23 N/A
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
CVE-2007-6596 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.
CVE-2008-1100 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
CVE-2008-1387 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
CVE-2008-1389 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
CVE-2008-1833 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
CVE-2008-1837 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.
CVE-2005-1800 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
CVE-2005-3587 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
CVE-2006-1989 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.
CVE-2004-1876 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.