Vulnerabilities > Clamav > High

DATE CVE VULNERABILITY TITLE RISK
2016-06-08 CVE-2016-1405 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
network
low complexity
clamav cisco CWE-119
7.5
2007-02-16 CVE-2007-0897 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor.
network
low complexity
clamav apple debian CWE-772
7.5