This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Clam Anti-Virus First view 2007-08-23
Product Clamav Last view 2008-12-03
Version 0.91rc2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:clam_anti-virus:clamav

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2008-12-03 CVE-2008-5314

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

9.3 2008-11-12 CVE-2008-5050

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

5 2008-09-04 CVE-2008-1389

libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

5 2008-04-16 CVE-2008-1837

libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.

5 2008-04-16 CVE-2008-1835

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.

10 2008-02-12 CVE-2008-0318

Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

6.8 2007-12-19 CVE-2007-6336

Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

7.5 2007-12-19 CVE-2007-6335

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

7.6 2007-08-27 CVE-2007-4560

clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."

4.3 2007-08-23 CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.

CWE : Common Weakness Enumeration

%idName
30% (3) CWE-399 Resource Management Errors
30% (3) CWE-189 Numeric Errors
20% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
10% (1) CWE-20 Improper Input Validation

SAINT Exploits

Description Link
ClamAV milter popen command injection More info here

Open Source Vulnerability Database (OSVDB)

id Description
50363 ClamAV libclamav/special.c Multiple Function Crafted JPEG File Handling Overf...
49832 ClamAV libclamav/vba_extract.c get_unicode_name() Function Off-by-one Overflow
47881 ClamAV libclamav/chmunpack.c Crafted CHM File Handling DoS
44524 ClamAV libclamunrar Crafted RAR File Handling Remote DoS
44522 ClamAV Crafted RAR File Handling Remote Security Bypass
42297 ClamAV libclamav cli_scanpe Function Petite Packed PE File Handling Overflow
42295 ClamAV libclamav cli_scanpe() MEW Packed PE File Handling Overflow
42294 ClamAV MS-ZIP Compressed CAB File Unspecified Arbitrary Code Execution
36911 Clam AntiVirus libclamav/htmlnorm.c cli_html_normalise Function HTML Handling...
36910 Clam AntiVirus libclamav/rtf.c cli_scanrtf Function RTF File Handling DoS
36909 ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Comma...

ExploitDB Exploits

id Description
4862 ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2010-05-12 Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav.nasl
2009-10-13 Name : SLES10: Security update for ClamAV
File : nvt/sles10_clamav5.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav6.nasl
2009-10-10 Name : SLES9: Security update for ClamAV
File : nvt/sles9p5039718.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5012138.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5021938.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5023300.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5035180.nasl
2009-10-10 Name : SLES9: Security update for ClamAV
File : nvt/sles9p5038481.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:189-1 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_189_1.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:239 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_239.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:229 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_229.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:189 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_189.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:088 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_088.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:003 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_003.nasl
2009-04-09 Name : Mandriva Update for clamav MDKSA-2007:172 (clamav)
File : nvt/gb_mandriva_MDKSA_2007_172.nasl
2009-03-23 Name : Ubuntu Update for clamav vulnerability USN-684-1
File : nvt/gb_ubuntu_USN_684_1.nasl
2009-03-23 Name : Ubuntu Update for clamav vulnerability USN-672-1
File : nvt/gb_ubuntu_USN_672_1.nasl
2009-02-27 Name : Fedora Update for clamav FEDORA-2007-2050
File : nvt/gb_fedora_2007_2050_clamav_fc7.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-3358
File : nvt/gb_fedora_2008_3358_clamav_fc7.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-0115
File : nvt/gb_fedora_2008_0115_clamav_fc8.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-9644
File : nvt/gb_fedora_2008_9644_clamav_fc9.nasl

Snort® IPS/IDS

Date Description
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26374 - Type : FILE-IMAGE - Revision : 9
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26373 - Type : FILE-IMAGE - Revision : 5
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 26372 - Type : FILE-IMAGE - Revision : 5
2014-01-10 ClamAV antivirus CHM file handling DOS
RuleID : 17602 - Type : FILE-OTHER - Revision : 10
2014-01-10 ClamAV Antivirus Function Denial of Service attempt
RuleID : 17390 - Type : FILE-IMAGE - Revision : 10
2014-01-10 ClamAV libclamav PE file handling integer overflow attempt
RuleID : 17305 - Type : FILE-OTHER - Revision : 9
2014-01-10 ClamAV MEW PE file integer overflow attempt
RuleID : 13362 - Type : EXPLOIT - Revision : 8
2014-01-10 ClamAV MEW PE file integer overflow attempt
RuleID : 13361 - Type : FILE-OTHER - Revision : 13
2014-01-10 Recipient arbitrary command injection attempt
RuleID : 12592 - Type : SERVER-MAIL - Revision : 15

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-23 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12293.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_clamav-5842.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_clamav-5769.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12318.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12292.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12236.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-081204.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-081114.nasl - Type: ACT_GATHER_INFO
2009-07-21 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_clamav-080905.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-003.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-088.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-189.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-229.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-239.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-672-1.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-684-1.nasl - Type: ACT_GATHER_INFO
2009-02-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-001.nasl - Type: ACT_GATHER_INFO
2008-12-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200812-21.nasl - Type: ACT_GATHER_INFO
2008-12-15 Name: The remote openSUSE host is missing a security update.
File: suse_clamav-5843.nasl - Type: ACT_GATHER_INFO
2008-12-11 Name: The remote antivirus service is affected by multiple issues.
File: clamav_0_94.nasl - Type: ACT_GATHER_INFO
2008-12-04 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1680.nasl - Type: ACT_GATHER_INFO
2008-12-03 Name: The remote antivirus service is vulnerable to a denial of service attack.
File: clamav_0_94_2.nasl - Type: ACT_GATHER_INFO
2008-11-24 Name: The remote openSUSE host is missing a security update.
File: suse_clamav-5773.nasl - Type: ACT_GATHER_INFO
2008-11-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_clamav-5768.nasl - Type: ACT_GATHER_INFO
2008-11-16 Name: The remote Fedora host is missing a security update.
File: fedora_2008-9644.nasl - Type: ACT_GATHER_INFO