MidnightBSD

Advisories for clam_anti-virus

CVE-2003-0946 HIGH

Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.60p
clam_anti-virus clamav 0.60
CVE-2004-0270 MEDIUM

libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.65
CVE-2004-1876 MEDIUM

The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.68.1
CVE-2004-1909 LOW

Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.65
CVE-2005-0133 MEDIUM

ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.68.1
CVE-2005-0218 MEDIUM

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.68.1
CVE-2005-1711 HIGH

Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gibraltar gibraltar_firewall 2.2
clam_anti-virus clamav 0.90.2
squid squid 2.6.stable1
CVE-2005-1795 HIGH

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
clam_anti-virus clamav *
CVE-2005-1800 MEDIUM

Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.84_rc2
clam_anti-virus clamav 0.82
CVE-2005-1922 MEDIUM

The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.84_rc2
clam_anti-virus clamav 0.82
CVE-2005-1923 LOW

The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.84_rc2
CVE-2005-2056 LOW

The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.85.1
CVE-2005-2450 HIGH

Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.85.1
CVE-2005-2919 MEDIUM

libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,CWE-399,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.72
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.75
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.74
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.73
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.71
CVE-2005-2920 HIGH

Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.72
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.75
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.74
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.73
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.71
CVE-2005-3239 HIGH

The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav .
CVE-2005-3303 HIGH

The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
CVE-2005-3500 MEDIUM

The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.72
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.21
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.75
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.15
clam_anti-virus clamav 0.74
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.22
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.20
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.23
clam_anti-virus clamav 0.73
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.68.1
clam_anti-virus clamav 0.71
clam_anti-virus clamav 0.24
CVE-2005-3587 HIGH

Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.72
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.21
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.75
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.15
clam_anti-virus clamav 0.74
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.22
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.20
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.23
clam_anti-virus clamav 0.73
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.68.1
clam_anti-virus clamav 0.71
clam_anti-virus clamav 0.24
CVE-2006-0162 HIGH

Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.84_rc2
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.85
clam_anti-virus clamav .
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.87.1
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.80_rc3
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.80_rc2
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.80_rc1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.80_rc4
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.68.1
CVE-2006-1614 MEDIUM

Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.84_rc2
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.87.1
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.80_rc3
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.80_rc2
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.80_rc1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.80_rc4
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.88
clam_anti-virus clamav 0.68.1
CVE-2006-1630 MEDIUM

The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.83
clam_anti-virus clamav 0.86.2
clam_anti-virus clamav 0.75.1
clam_anti-virus clamav 0.51
clam_anti-virus clamav 0.53
clam_anti-virus clamav 0.84_rc2
clam_anti-virus clamav 0.65
clam_anti-virus clamav 0.68
clam_anti-virus clamav 0.70
clam_anti-virus clamav 0.85
clam_anti-virus clamav 0.87
clam_anti-virus clamav 0.87.1
clam_anti-virus clamav 0.60
clam_anti-virus clamav 0.80_rc3
clam_anti-virus clamav 0.52
clam_anti-virus clamav 0.80
clam_anti-virus clamav 0.54
clam_anti-virus clamav 0.80_rc2
clam_anti-virus clamav 0.86
clam_anti-virus clamav 0.80_rc1
clam_anti-virus clamav 0.85.1
clam_anti-virus clamav 0.67
clam_anti-virus clamav 0.84
clam_anti-virus clamav 0.81
clam_anti-virus clamav 0.80_rc4
clam_anti-virus clamav 0.84_rc1
clam_anti-virus clamav 0.86.1
clam_anti-virus clamav 0.82
clam_anti-virus clamav 0.88
clam_anti-virus clamav 0.68.1
CVE-2006-1989 MEDIUM

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamav 0.88
clam_anti-virus clamav 0.88.1
CVE-2006-2427 HIGH

freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
clam_anti-virus clamxav 1.0.3h
clam_anti-virus clamav 0.88