This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Clam Anti-Virus First view 2007-04-16
Product Clamav Last view 2008-12-03
Version 0.90.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:clam_anti-virus:clamav

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2008-12-03 CVE-2008-5314

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

9.3 2008-11-12 CVE-2008-5050

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

5 2008-09-04 CVE-2008-1389

libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

5 2008-07-18 CVE-2008-3215

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.

5 2008-06-16 CVE-2008-2713

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

5 2008-04-16 CVE-2008-1837

libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.

4.3 2008-04-16 CVE-2008-1836

The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

5 2008-04-16 CVE-2008-1835

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.

4.3 2008-04-16 CVE-2008-1387

ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

10 2008-02-12 CVE-2008-0318

Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

6.8 2007-12-19 CVE-2007-6336

Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

7.5 2007-12-19 CVE-2007-6335

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

7.6 2007-08-27 CVE-2007-4560

clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."

4.3 2007-08-23 CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

5 2007-06-07 CVE-2007-3123

unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.

5 2007-06-07 CVE-2007-3122

The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.

5 2007-06-07 CVE-2007-3025

Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions.

2.1 2007-06-07 CVE-2007-3024

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.

10 2007-06-07 CVE-2007-3023

unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.

7.5 2007-04-16 CVE-2007-1997

Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow.

7.1 2007-04-16 CVE-2007-1745

The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.

CWE : Common Weakness Enumeration

%idName
41% (5) CWE-399 Resource Management Errors
25% (3) CWE-189 Numeric Errors
16% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
8% (1) CWE-20 Improper Input Validation

SAINT Exploits

Description Link
ClamAV milter popen command injection More info here

Open Source Vulnerability Database (OSVDB)

id Description
50363 ClamAV libclamav/special.c Multiple Function Crafted JPEG File Handling Overf...
49832 ClamAV libclamav/vba_extract.c get_unicode_name() Function Off-by-one Overflow
47881 ClamAV libclamav/chmunpack.c Crafted CHM File Handling DoS
47156 ClamAV libclamav/petite.c Crafted Petite File Remote DoS
46241 ClamAV libclamav/petite.c Crafted Packed Executable DoS
45392 ClamAV Parsing Engine Crafted RAR File Scanning Bypass
44524 ClamAV libclamunrar Crafted RAR File Handling Remote DoS
44523 ClamAV libclamav message.c rfc2231 Function Crafted Message Remote DoS
44522 ClamAV Crafted RAR File Handling Remote Security Bypass
44520 ClamAV ARJ Archive Handling Unspecified Resource Consumption DoS
42297 ClamAV libclamav cli_scanpe Function Petite Packed PE File Handling Overflow
42295 ClamAV libclamav cli_scanpe() MEW Packed PE File Handling Overflow
42294 ClamAV MS-ZIP Compressed CAB File Unspecified Arbitrary Code Execution
36911 Clam AntiVirus libclamav/htmlnorm.c cli_html_normalise Function HTML Handling...
36910 Clam AntiVirus libclamav/rtf.c cli_scanrtf Function RTF File Handling DoS
36909 ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Comma...
36908 Clam AntiVirus unsp.c Unspecified DoS
35522 Clam AntiVirus libclamav Multiple Unspecified Issue
34914 Clam AntiVirus libclamav/cab.c Multiple Function CHM Handling Overflow
34913 Clam AntiVirus libclamav/chmunpack.c chm_decompress_stream Function File Desc...

ExploitDB Exploits

id Description
4862 ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2010-05-12 Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav0.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav2.nasl
2009-10-13 Name : SLES10: Security update for ClamAV
File : nvt/sles10_clamav5.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav6.nasl
2009-10-10 Name : SLES9: Security update for ClamAV
File : nvt/sles9p5039718.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5019327.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5021938.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5023300.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5029200.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5030240.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5035180.nasl
2009-10-10 Name : SLES9: Security update for ClamAV
File : nvt/sles9p5038481.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5012138.nasl
2009-04-09 Name : Mandriva Update for clamav MDKSA-2007:098 (clamav)
File : nvt/gb_mandriva_MDKSA_2007_098.nasl
2009-04-09 Name : Mandriva Update for clamav MDKSA-2007:172 (clamav)
File : nvt/gb_mandriva_MDKSA_2007_172.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:003 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_003.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:088 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_088.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:122 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_122.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:166 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_166.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:189-1 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_189_1.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:229 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_229.nasl

Snort® IPS/IDS

Date Description
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26374 - Type : FILE-IMAGE - Revision : 9
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26373 - Type : FILE-IMAGE - Revision : 5
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26372 - Type : FILE-IMAGE - Revision : 5
2014-01-10 ClamAV antivirus CHM file handling DOS
RuleID : 17602 - Type : FILE-OTHER - Revision : 10
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 17390 - Type : FILE-IMAGE - Revision : 10
2014-01-10 ClamAV libclamav PE file handling integer overflow attempt
RuleID : 17305 - Type : FILE-OTHER - Revision : 9
2014-01-10 ClamAV MEW PE file integer overflow attempt
RuleID : 13362 - Type : EXPLOIT - Revision : 8
2014-01-10 ClamAV MEW PE file integer overflow attempt
RuleID : 13361 - Type : FILE-OTHER - Revision : 13
2014-01-10 Recipient arbitrary command injection attempt
RuleID : 12592 - Type : SERVER-MAIL - Revision : 15

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-23 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12293.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12201.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12236.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12292.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_clamav-5842.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12318.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_clamav-5769.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-080617.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-080711.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-081204.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-081114.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-080905.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-229.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-239.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-189.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-166.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-122.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-088.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-672-1.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-684-1.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-003.nasl - Type: ACT_GATHER_INFO
2009-02-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-001.nasl - Type: ACT_GATHER_INFO
2008-12-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200812-21.nasl - Type: ACT_GATHER_INFO
2008-12-15 Name: The remote openSUSE host is missing a security update.
File: suse_clamav-5843.nasl - Type: ACT_GATHER_INFO
2008-12-11 Name: The remote antivirus service is affected by multiple issues.
File: clamav_0_94.nasl - Type: ACT_GATHER_INFO