Clam Anti-virus : Security Vulnerabilities, CVEs, Published In 2008 (Overflow)

CVE-2008-5050

Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
5.36%
Published
2008-11-13
Updated
2018-10-11

CVE-2008-1833

Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
Max CVSS
7.5
EPSS Score
8.26%
Published
2008-04-16
Updated
2017-08-08

CVE-2008-1100

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
Max CVSS
10.0
EPSS Score
45.99%
Published
2008-04-14
Updated
2017-08-08

CVE-2008-0318

Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
53.22%
Published
2008-02-12
Updated
2011-03-07

CVE-2008-0314

Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
Max CVSS
7.5
EPSS Score
21.95%
Published
2008-04-16
Updated
2017-08-08
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close