exploitDog

CVE-2005-1795

Опубликовано: 27 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

Ссылки

http://securitytracker.com/id?1014070
Patch
Vendor Advisory
http://www.sentinelchicken.com/advisories/clamav
Exploit
Vendor Advisory
http://securitytracker.com/id?1014070
Patch
Vendor Advisory
http://www.sentinelchicken.com/advisories/clamav
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*

Версия до 0.84 (включая)

EPSS

Процентиль: 84%

0.02166

Низкий

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-vxqx-fgx3-fgh9

github

почти 4 года назад

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, which are not properly handled when HFS permissions prevent the file from being deleted and ditto is invoked.

EPSS

Процентиль: 84%

0.02166

Низкий

7.5 High

CVSS2

Дефекты

CWE-20