MidnightBSD

Advisories for clamavs

CVE-2010-0098 HIGH

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
clamav clamav 0.67
clamav clamav 0.70
clamav clamav 0.3
clamav clamav 0.71
clamav clamav 0.91.2
clamav clamav 0.94
clamav clamav 0.88.2
clamav clamav 0.90.2
clamavs clamav 0.06
clamav clamav 0.9
clamav clamav 0.67-1
clamav clamav 0.86.1
clamav clamav 0.68
clamav clamav 0.10
clamav clamav 0.24
clamav clamav 0.93.1
clamav clamav 0.95.2
clamav clamav 0.91
clamav clamav 0.88.7
clamav clamav 0.02
clamav clamav 0.95
clamav clamav 0.60p
clamav clamav 0.85.1
clamav clamav 0.87
clamav clamav 0.22
clamav clamav 0.74
clamav clamav 0.88.6
clamav clamav 0.54
clamav clamav 0.12
clamav clamav 0.60
clamav clamav 0.75.1
clamav clamav 0.86.2
clamav clamav 0.90.3
clamav clamav 0.14
clamav clamav 0.93
clamav clamav 0.95.3
clamav clamav 0.86
clamav clamav 0.88.5
clamav clamav 0.88.4
clamav clamav 0.90
clamav clamav 0.05
clamav clamav 0.83
clamav clamav 0.53
clamav clamav 0.66
clamav clamav 0.81
clamav clamav 0.94.2
clamav clamav 0.01
clamav clamav 0.52
clamav clamav 0.88.3
clamav clamav *
clamav clamav 0.90.1
clamav clamav 0.95.1
clamav clamav 0.68.1
clamav clamav 0.65
clamav clamav 0.82
clamav clamav 0.94.1
clamav clamav 0.72
clamav clamav 0.96
clamavs clamav 0.04
clamav clamav 0.13
clamav clamav 0.88
clamav clamav 0.03
clamav clamav 0.85
clamav clamav 0.92.1
clamav clamav 0.92
clamav clamav 0.87.1
clamav clamav 0.93.2
clamav clamav 0.20
clamav clamav 0.73
clamav clamav 0.51
clamav clamav 0.91.1
clamav clamav 0.93.3
clamav clamav 0.21
clamav clamav 0.23
clamav clamav 0.88.1
clamav clamav 0.75
clamav clamav 0.80
clamav clamav 0.15
clamav clamav 0.84
CVE-2010-1311 MEDIUM

The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
clamav clamav 0.67
clamav clamav 0.70
clamav clamav 0.3
clamav clamav 0.71
clamav clamav 0.91.2
clamav clamav 0.94
clamav clamav 0.88.2
clamav clamav 0.90.2
clamavs clamav 0.06
clamav clamav 0.9
clamav clamav 0.67-1
clamav clamav 0.86.1
clamav clamav 0.68
clamav clamav 0.10
clamav clamav 0.24
clamav clamav 0.93.1
clamav clamav 0.95.2
clamav clamav 0.91
clamav clamav 0.88.7
clamav clamav 0.02
clamav clamav 0.95
clamav clamav 0.60p
clamav clamav 0.85.1
clamav clamav 0.87
clamav clamav 0.22
clamav clamav 0.74
clamav clamav 0.88.6
clamav clamav 0.54
clamav clamav 0.12
clamav clamav 0.60
clamav clamav 0.75.1
clamav clamav 0.86.2
clamav clamav 0.90.3
clamav clamav 0.14
clamav clamav 0.93
clamav clamav 0.95.3
clamav clamav 0.86
clamav clamav 0.88.5
clamav clamav 0.88.4
clamav clamav 0.90
clamav clamav 0.05
clamav clamav 0.83
clamav clamav 0.53
clamav clamav 0.66
clamav clamav 0.81
clamav clamav 0.94.2
clamav clamav 0.01
clamav clamav 0.52
clamav clamav 0.88.3
clamav clamav *
clamav clamav 0.90.1
clamav clamav 0.95.1
clamav clamav 0.68.1
clamav clamav 0.65
clamav clamav 0.82
clamav clamav 0.94.1
clamav clamav 0.72
clamav clamav 0.96
clamavs clamav 0.04
clamav clamav 0.13
clamav clamav 0.88
clamav clamav 0.03
clamav clamav 0.85
clamav clamav 0.92.1
clamav clamav 0.92
clamav clamav 0.87.1
clamav clamav 0.93.2
clamav clamav 0.20
clamav clamav 0.73
clamav clamav 0.51
clamav clamav 0.91.1
clamav clamav 0.93.3
clamav clamav 0.21
clamav clamav 0.23
clamav clamav 0.88.1
clamav clamav 0.75
clamav clamav 0.80
clamav clamav 0.15
clamav clamav 0.84