Vulnerabilities
Vulnerable Software
Clamav:  Security Vulnerabilities
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.
CVSS Score
7.5
EPSS Score
0.034
Published
2016-06-08
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file.
CVSS Score
5.0
EPSS Score
0.032
Published
2015-05-12
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file.
CVSS Score
5.0
EPSS Score
0.032
Published
2015-05-12
ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file.
CVSS Score
5.0
EPSS Score
0.032
Published
2015-05-12
The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVSS Score
5.0
EPSS Score
0.032
Published
2015-05-12
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
CVSS Score
7.5
EPSS Score
0.028
Published
2015-02-03
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
CVSS Score
5.0
EPSS Score
0.027
Published
2015-02-03
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
CVSS Score
7.5
EPSS Score
0.028
Published
2015-02-03
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
CVSS Score
7.5
EPSS Score
0.032
Published
2015-02-03
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
CVSS Score
5.0
EPSS Score
0.049
Published
2014-12-01


Contact Us

Shodan ® - All rights reserved