Vulnerabilities > Clamav > Clamav > 0.88
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-16 | CVE-2007-0897 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. | 7.5 |
2006-08-08 | CVE-2006-4018 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clamav Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX packed file containing sections with large rsize values. | 7.5 |
2006-04-06 | CVE-2006-1615 | USE of Externally-Controlled Format String vulnerability in Clamav Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. | 10.0 |