Clam Anti-Virus Clamav vulnerabilities

CVE-2008-5314 [MEDIUM] CWE-399 CVE-2008-5314: Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attacke Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

CVE-2008-5050 [CRITICAL] CWE-119 CVE-2008-5050: Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (Clam Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.

CVE-2008-1389 [MEDIUM] CWE-399 CVE-2008-1389: libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a den libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

CVE-2008-3215 [MEDIUM] CVE-2008-3215: libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.

CVE-2008-2713 [MEDIUM] CWE-399 CVE-2008-2713: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

CVE-2008-1833 [HIGH] CWE-119 CVE-2008-1833: Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.

CVE-2008-0314 [HIGH] CWE-119 CVE-2008-0314: Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execut Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.

CVE-2008-1837 [MEDIUM] CWE-399 CVE-2008-1837: libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.

CVE-2008-1835 [MEDIUM] CWE-20 CVE-2008-1835: ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an inva ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.

CVE-2008-1836 [MEDIUM] CVE-2008-1836: The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to caus The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

CVE-2008-1387 [MEDIUM] CVE-2008-1387: ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a craf ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

CVE-2008-1100 [CRITICAL] CWE-119 CVE-2008-1100: Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

CVE-2008-0318 [CRITICAL] CWE-189 CVE-2008-0318: Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.

CVE-2007-6337 [CRITICAL] CVE-2007-6337: Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV bef Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.

CVE-2007-6596 [MEDIUM] CWE-20 CVE-2007-6596: ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass th ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.

CVE-2007-6595 [LOW] CWE-59 CVE-2007-6595: ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary fi ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled.

CVE-2007-6335 [HIGH] CWE-189 CVE-2007-6335: Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary cod Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

CVE-2007-6336 [MEDIUM] CWE-119 CVE-2007-6336: Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a craft Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.

CVE-2007-6029 [HIGH] CWE-94 CVE-2007-6029: Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary c Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes,

CVE-2007-4560 [HIGH] CWE-78 CVE-2007-4560: clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execu clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."