Vulnerabilities > Clam Anti Virus > Clamav > 0.90.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-07 | CVE-2007-3024 | Multiple Unspecified vulnerability in ClamAV libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files. | 2.1 |
2007-06-07 | CVE-2007-3123 | Remote Denial Of Service vulnerability in Clam AntiVirus ClamAV RAR Handling unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow. | 5.0 |
2007-06-07 | CVE-2007-3122 | Security Bypass vulnerability in ClamAV The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR. | 5.0 |
2007-06-07 | CVE-2007-3023 | Multiple Unspecified vulnerability in ClamAV unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors. | 10.0 |
2007-04-16 | CVE-2007-1997 | Remote vulnerability in ClamAV Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow. | 7.5 |