Vulnerabilities > Clam Anti Virus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-29 | CVE-2005-2056 | Quantum Decompressor Denial Of Service vulnerability in Clam Anti-Virus Clamav 0.85/0.85.1/0.86 The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. | 2.6 |
| 2005-05-28 | CVE-2005-1800 | Cross-Site Scripting vulnerability in JAWS Glossary Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php. network clam-anti-virus | 4.3 |
| 2005-05-27 | CVE-2005-1795 | Improper Input Validation vulnerability in Clam Anti-Virus Clamav The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked. | 7.5 |
| 2005-05-24 | CVE-2005-1711 | Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. | 7.5 |
| 2005-05-02 | CVE-2005-0218 | Unspecified vulnerability in Clam Anti-Virus Clamav ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL. | 5.0 |
| 2005-05-02 | CVE-2005-0133 | Unspecified vulnerability in Clam Anti-Virus Clamav ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. | 5.0 |
| 2004-12-31 | CVE-2004-1909 | Remote Denial Of Service vulnerability in Clam Anti-Virus Clamav 0.65/0.67 Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm. | 2.6 |
| 2004-11-23 | CVE-2004-0270 | Denial Of Service vulnerability in Clam Anti-Virus Clamav 0.65 libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program. | 5.0 |
| 2004-03-30 | CVE-2004-1876 | Unspecified vulnerability in Clam Anti-Virus Clamav The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name. | 4.6 |
| 2003-12-15 | CVE-2003-0946 | Denial-Of-Service vulnerability in Clam Anti-Virus Clamav 0.60/0.60P Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. | 7.5 |