Cisco Clam Antivirus vulnerabilities

4 known vulnerabilities affecting cisco/clam_antivirus.

Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 1

Vulnerabilities

CVE-2022-20792 | HIGH | CVSS 7.8 | ≥ unspecified, ≤ 0.104.2; ≥ 0.104.0, < unspecified | 2022-08-10
CVE-2022-20792 [HIGH] CWE-125: A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking
cvelistv5, nvd
CVE-2020-3350 | MEDIUM | CVSS 6.3 | fixed in 0.102.4 | 2020-06-18
CVE-2020-3350 [MEDIUM] CWE-362: A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vu
nvd
CVE-2020-3341 | HIGH | CVSS 7.5 | ≥ 0.101, ≤ 0.102.2 | 2020-05-13
CVE-2020-3341 [HIGH] CWE-20: A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to
nvd
CVE-2020-3327 | HIGH | CVSS 7.5 | ≤ 0.102.2 | 2020-05-13
CVE-2020-3327 [HIGH] CWE-20: A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affec
nvd