CVE-2005-0218Anti-virus Clamav vulnerability

6 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 30.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ClamavClam Anti-virus Clamav
Timeline
PublishedMay 2
Latest updateMay 1

Description

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDclam_anti-virus/clamav10 versions+9
Debianclamav/clamav< 0.81+3

Patches

Patch: www.gentoo.orgPatch: www.gentoo.org

🔴Vulnerability Details

3
GHSA
GHSA-68vc-4hwj-mqq6: ClamAV 02022-05-01
OSV
CVE-2005-0218: ClamAV 02005-05-02
CVEList
CVE-2005-0218: ClamAV 02005-02-06

📋Vendor Advisories

1
Debian
CVE-2005-0218: clamav - ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a b...2005

💬Community

1
Bugzilla
up-imapproxy: CAN-2005-2661 (format string vulnerability)2005-10-09
CVE-2005-0218 — Clam Anti-virus Clamav vulnerability | cvebase