Vulnerabilities > Clam Anti Virus > Clamav > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-01 | CVE-2006-1989 | Remote Buffer Overflow vulnerability in Clam Anti-Virus Clamav 0.88/0.88.1 Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers. | 5.1 |
| 2006-04-06 | CVE-2006-1630 | Multiple vulnerability in Clam AntiVirus ClamAV The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access." | 5.0 |
| 2006-04-06 | CVE-2006-1614 | Multiple vulnerability in Clam AntiVirus ClamAV Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 5.1 |
| 2005-11-05 | CVE-2005-3500 | Denial Of Service vulnerability in Clam Anti-Virus ClamAV TNEF File Handling The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block. | 5.0 |
| 2005-10-14 | CVE-2005-3229 | Security Bypass vulnerability in ClamAV Antivirus Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
| 2005-09-20 | CVE-2005-2919 | Code vulnerability in Clam Anti-Virus Clamav libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. | 5.0 |
| 2005-07-05 | CVE-2005-1922 | Unspecified vulnerability in Clam Anti-Virus Clamav The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. | 5.0 |
| 2005-05-28 | CVE-2005-1800 | Cross-Site Scripting vulnerability in JAWS Glossary Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php. network clam-anti-virus | 4.3 |
| 2005-05-02 | CVE-2005-0218 | Unspecified vulnerability in Clam Anti-Virus Clamav ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. | 5.0 |
| 2005-05-02 | CVE-2005-0133 | Unspecified vulnerability in Clam Anti-Virus Clamav ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. | 5.0 |