Vulnerabilities > Clam Anti Virus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-04-16 | CVE-2008-0314 | Buffer Errors vulnerability in Clam Anti-Virus Clamav 0.92.1 Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value. | 7.5 |
| 2008-04-14 | CVE-2008-1100 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clam Anti-Virus Clamav 0.92/0.92.1 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. | 10.0 |
| 2008-02-12 | CVE-2008-0318 | Numeric Errors vulnerability in Clam Anti-Virus Clamav Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. | 10.0 |
| 2007-12-31 | CVE-2007-6596 | Improper Input Validation vulnerability in Clam Anti-Virus Clamav 0.92 ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file. | 5.0 |
| 2007-12-31 | CVE-2007-6595 | Link Following vulnerability in Clam Anti-Virus Clamav 0.92 ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled. | 2.1 |
| 2007-12-31 | CVE-2007-6337 | Unspecified vulnerability in Clam Anti-Virus Clamav 0.91.2 Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors. | 10.0 |
| 2007-12-20 | CVE-2007-6336 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clam Anti-Virus Clamav Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. | 6.8 |
| 2007-12-20 | CVE-2007-6335 | Numeric Errors vulnerability in Clam Anti-Virus Clamav Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow. | 7.5 |
| 2007-11-20 | CVE-2007-6029 | Code Injection vulnerability in Clam Anti-Virus Clamav 0.91.1/0.91.2 Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. | 7.5 |
| 2007-08-28 | CVE-2007-4560 | OS Command Injection vulnerability in Clam Anti-Virus Clamav clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail." | 7.6 |