Clam Anti-virus » Clamav » 0.92.1 : Security Vulnerabilities, CVEs, (Overflow)
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
5.36%
Published
2008-11-13
Updated
2018-10-11
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
Max CVSS
7.5
EPSS Score
8.26%
Published
2008-04-16
Updated
2017-08-08
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
Max CVSS
10.0
EPSS Score
45.99%
Published
2008-04-14
Updated
2017-08-08
Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
Max CVSS
7.5
EPSS Score
21.95%
Published
2008-04-16
Updated
2017-08-08
4 vulnerabilities found